Re: [ovirt-users] ovirt-engine-extension-aaa-ldap and sysprep domain join

From: "Cristian Mammoli" <c.mammoli(a)apra.it&gt; To: "Shahar Havivi" <shaharh(a)redhat.com&gt;, "Alon Bar-Lev" <alonbl(a)redhat.com&gt; Cc: "users" <users(a)ovirt.org&gt; Sent: Tuesday, October 27, 2015 11:19:02 AM Subject: Re: [ovirt-users] ovirt-engine-extension-aaa-ldap and sysprep domain join So just pasting there the contents of a modified /usr/share/ovirt-engine/conf/sysprep/sysprep.w7x64 (for example) should work right? The variables like '![CDATA[$OrgName$' will be replaced? Il 26/10/2015 12:43, Shahar Havivi ha scritto: > On 26.10.15 06:23, Alon Bar-Lev wrote: >> Hi, >> The usage of the engine-manage-domain user to anything else but ldap >> searches is something that is unexpected and insecure. >> As a solution, you may either paste a modified sysprep file into the pool >> at UI or set up a different osinfo profile with modified sysprep file, >> this modified sysprep file can contain the credentials of the user that >> is being used for joining the domain. >> CCing Shahar which may assist farther. > Hi, > You can paste a modified sysprep file to "new Pool"->"Initial run"->"Custom > Script" > As Alon mentioned. >> -- Mammoli Cristian System administrator T. +39 0731 22911 Via Brodolini 6 | 60035 Jesi (an)