Re: [ovirt-users] FreeIPA

22 Sep 2015

      This is a multi-part message in MIME format.
--------------000504020604060006000002
Content-Type: text/plain; charset=windows-1252; format=flowed
Content-Transfer-Encoding: 7bit

Once you have installed ovirt-engine-extension-aaa-ldap and 
ovirt-engine-extension-aaa-ldap-setup

You can run ovirt-engine-extension-aaa-ldap-setup and follow the steps 
to set up ldap.

Once that is done you can login to webadmin and add users/groups from ipa

On 09/22/2015 11:57 AM, suporte@logicworks.pt wrote:
...
Here is what I'm trying to do:
Ovirt engine : engine.domain.tld
Freeipa 4.1.0 : ipa.domain.tld
I have installed on the engine:
/ovirt-engine-extension-aaa-ldap/
/openldap-clients/
/etc/ovirt-engine/aaa/profile1.properties:
#
# Select one
#
#include = <openldap.properties>
#include = <389ds.properties>
#include = <rhds.properties>
include = <ipa.properties>
#include = <iplanet.properties>
#include = <rfc2307.properties>
#include = <rfc2307-openldap.properties>
#
# Server
#
vars.server = ipa.domain.tld
#
# Search user and its password.
#
vars.user = uid=search,cn=users,cn=accounts,dc=domain,dc=tld
vars.password =/ipa_admin_password/
pool.default.serverset.single.server = ${global:vars.server}
pool.default.auth.simple.bindDN = ${global:vars.user}
pool.default.auth.simple.password = ${global:vars.password}
# Create keystore, import certificate chain and uncomment
# if using ssl/tls.
#pool.default.ssl.startTLS = true
#pool.default.ssl.truststore.file = ${local:_basedir}/${global:vars.server}.jks
#pool.default.ssl.truststore.password = changeit
On the engine cannot find any users configured on the ipa server.
Any help?
Thanks
Jose
------------------------------------------------------------------------
*De: *"Alon Bar-Lev" <alonbl@redhat.com>
*Para: *suporte@logicworks.pt
*Cc: *"users" <users@ovirt.org>
*Enviadas: *Sexta-feira, 18 De Setembro de 2015 15:48:22
*Assunto: *Re: [ovirt-users] FreeIPA
----- Original Message -----
...
From: suporte@logicworks.pt
To: "users" <users@ovirt.org>
Sent: Friday, September 18, 2015 5:45:18 PM
Subject: [ovirt-users] FreeIPA
Hi,
Is there any documentation about FreeIPA integration with oVirt 3.5 
and how
to configure it?
Hi,
Please find documentation at [1][2].
Regards,
Alon Bar-Lev.
[1] http://www.ovirt.org/Features/AAA
[2] 
https://gerrit.ovirt.org/gitweb?p=ovirt-engine-extension-aaa-ldap.git;a=blob...
_______________________________________________
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users
--------------000504020604060006000002
Content-Type: text/html; charset=windows-1252
Content-Transfer-Encoding: 7bit

<html>
  <head>
    <meta content="text/html; charset=windows-1252"
      http-equiv="Content-Type">
  </head>
  <body text="#000000" bgcolor="#FFFFFF">
    <div class="moz-cite-prefix">Once you have installed
      ovirt-engine-extension-aaa-ldap and
      ovirt-engine-extension-aaa-ldap-setup<br>
      <br>
      You can run ovirt-engine-extension-aaa-ldap-setup and follow the
      steps to set up ldap.<br>
      <br>
      Once that is done you can login to webadmin and add users/groups
      from ipa<br>
      <br>
      On 09/22/2015 11:57 AM, <a class="moz-txt-link-abbreviated" href="mailto:suporte@logicworks.pt">suporte@logicworks.pt</a> wrote:<br>
    </div>
    <blockquote
      cite="mid:1706731369.91118.1442937460886.JavaMail.zimbra@logicworks.pt"
      type="cite">
      <div style="font-family: Times New Roman; font-size: 10pt; color:
        #000000">
        <div>Here is what I'm trying to do:<br>
        </div>
        <div><br>
          Ovirt engine : engine.domain.tld<br>
        </div>
        <div>Freeipa 4.1.0 : ipa.domain.tld<br>
        </div>
        <div><br>
        </div>
        <div>I have installed on the engine:
          <pre class="western" style="margin-bottom: 0.5cm;" data-mce-style="margin-bottom: 0.5cm;"><i>ovirt-engine-extension-aaa-ldap</i>
</pre>
          <pre class="western" style="margin-bottom: 0.5cm;" data-mce-style="margin-bottom: 0.5cm;"><i>openldap-clients</i>

/etc/ovirt-engine/aaa/profile1.properties:
#
# Select one
#
#include = <openldap.properties>
#include = <389ds.properties>
#include = <rhds.properties>
include = <ipa.properties>
#include = <iplanet.properties>
#include = <rfc2307.properties>
#include = <rfc2307-openldap.properties>

#
# Server
#
vars.server = ipa.domain.tld

#
# Search user and its password.
#
vars.user = uid=search,cn=users,cn=accounts,dc=domain,dc=tld
vars.password = <em>ipa_admin_password</em>

pool.default.serverset.single.server = ${global:vars.server}
pool.default.auth.simple.bindDN = ${global:vars.user}
pool.default.auth.simple.password = ${global:vars.password}

# Create keystore, import certificate chain and uncomment
# if using ssl/tls.
#pool.default.ssl.startTLS = true
#pool.default.ssl.truststore.file = ${local:_basedir}/${global:vars.server}.jks
#pool.default.ssl.truststore.password = changeit

On the engine cannot find any users configured on the ipa server.

Any help?

Thanks

Jose
</pre>
          <br>
        </div>
        <div><br>
        </div>
        <hr id="zwchr">
        <div
style="color:#000;font-weight:normal;font-style:normal;text-decoration:none;font-family:Helvetica,Arial,sans-serif;font-size:12pt;"
          data-mce-style="color: #000; font-weight: normal; font-style:
          normal; text-decoration: none; font-family:
          Helvetica,Arial,sans-serif; font-size: 12pt;"><b>De: </b>"Alon
          Bar-Lev" <a class="moz-txt-link-rfc2396E" href="mailto:alonbl@redhat.com"><alonbl@redhat.com></a><br>
          <b>Para: </b><a class="moz-txt-link-abbreviated" href="mailto:suporte@logicworks.pt">suporte@logicworks.pt</a><br>
          <b>Cc: </b>"users" <a class="moz-txt-link-rfc2396E" href="mailto:users@ovirt.org"><users@ovirt.org></a><br>
          <b>Enviadas: </b>Sexta-feira, 18 De Setembro de 2015 15:48:22<br>
          <b>Assunto: </b>Re: [ovirt-users] FreeIPA<br>
          <div><br>
          </div>
          <br>
          <div><br>
          </div>
          ----- Original Message -----<br>
          > From: <a class="moz-txt-link-abbreviated" href="mailto:suporte@logicworks.pt">suporte@logicworks.pt</a><br>
          > To: "users" <a class="moz-txt-link-rfc2396E" href="mailto:users@ovirt.org"><users@ovirt.org></a><br>
          > Sent: Friday, September 18, 2015 5:45:18 PM<br>
          > Subject: [ovirt-users] FreeIPA<br>
          > <br>
          > Hi,<br>
          > <br>
          > Is there any documentation about FreeIPA integration with
          oVirt 3.5 and how<br>
          > to configure it?<br>
          > <br>
          <div><br>
          </div>
          Hi,<br>
          <div><br>
          </div>
          Please find documentation at [1][2].<br>
          <div><br>
          </div>
          Regards,<br>
          Alon Bar-Lev.<br>
          <div><br>
          </div>
          [1] <a class="moz-txt-link-freetext" href="http://www.ovirt.org/Features/AAA">http://www.ovirt.org/Features/AAA</a><br>
          [2]
<a class="moz-txt-link-freetext" href="https://gerrit.ovirt.org/gitweb?p=ovirt-engine-extension-aaa-ldap.git;a=blob;f=README;hb=ovirt-engine-extension-aaa-ldap-1.0">https://gerrit.ovirt.org/gitweb?p=ovirt-engine-extension-aaa-ldap.git;a=blob;f=README;hb=ovirt-engine-extension-aaa-ldap-1.0</a><br>
        </div>
        <div><br>
        </div>
      </div>
      <br>
      <fieldset class="mimeAttachmentHeader"></fieldset>
      <br>
      <pre wrap="">_______________________________________________
Users mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Users@ovirt.org">Users@ovirt.org</a>
<a class="moz-txt-link-freetext" href="http://lists.ovirt.org/mailman/listinfo/users">http://lists.ovirt.org/mailman/listinfo/users</a>
</pre>
    </blockquote>
    <br>
  </body>
</html>

--------------000504020604060006000002--

Re: [ovirt-users] FreeIPA

Ravi Nori