What's your LDAP and what profile did you choose? This looks like you have
chosen an incorrect profile during setup. Are you sure you aren't using posix
group and using non-posix aaa profile? Sharing a debug log of
ovirt-engine-extensions-tool would be helpful.
On Fri, May 25, 2018, 10:04 AM Callum Smith <callum(a)well.ox.ac.uk> wrote:
Dear All,
I'm having problems getting LDAP running. Login works, but I'm getting
"user is not authorised to perform login" - this is even if I specify the
UserRole specifically to the LDAP group the user is in.
2018-05-25 08:56:16,212+01 INFO
[org.ovirt.engine.core.sso.utils.AuthenticationUtils] (default task-23) []
User callum@Biomedical Research Computing successfully logged in with
scopes: ovirt-app-admin ovirt-app-api ovirt-app-portal
ovirt-ext=auth:sequence-priority=~ ovirt-ext=revoke:revoke-all
ovirt-ext=token-info:authz-search ovirt-ext=token-info:public-authz-search
ovirt-ext=token-info:validate ovirt-ext=token:password-access
2018-05-25 08:56:16,391+01 INFO
[org.ovirt.engine.core.bll.aaa.CreateUserSessionCommand] (default task-25)
[63e60fe9] Running command: CreateUserSessionCommand internal: false.
2018-05-25 08:56:16,430+01 ERROR
[org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector]
(default task-25) [63e60fe9] EVENT_ID: USER_VDC_LOGIN_FAILED(114), User
callum@Biomedical Research Computing connecting from '192.168.65.254'
failed to log in<UNKNOWN>.
2018-05-25 08:56:16,430+01 ERROR
[org.ovirt.engine.core.aaa.servlet.SsoPostLoginServlet] (default task-25)
[] The user callum@Biomedical Research Computing is not authorized to
perform login
On a side note: is it possible to assign permissions to all members of an
LDAP tree where they don't have a common group membership?
Regards,
Callum
--
Callum Smith
Research Computing Core
Wellcome Trust Centre for Human Genetics
University of Oxford
e. callum(a)well.ox.ac.uk
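Added example, not part of the original thread and not oVirt code: a small Python model of the posix/non-posix mismatch the reply asks about, showing how a group lookup written for one group style finds nothing in the other, so a user who authenticates holds no role that was granted only to the group. The directory entries, DNs, logins and helper names are all constructed for illustration.

```python
# Constructed sample directory; every DN, login and group name is hypothetical.
BASE = "dc=example,dc=org"
DIRECTORY = [
    {"dn": f"uid=alice,ou=people,{BASE}", "objectClass": ["posixAccount"], "uid": ["alice"]},
    {"dn": f"uid=bob,ou=people,{BASE}", "objectClass": ["inetOrgPerson"], "uid": ["bob"]},
    # RFC 2307 posixGroup: members are listed by login name in memberUid.
    {"dn": f"cn=hpc-users,ou=groups,{BASE}", "objectClass": ["posixGroup"],
     "memberUid": ["alice"]},
    # groupOfNames: members are listed by full DN in member.
    {"dn": f"cn=staff,ou=groups,{BASE}", "objectClass": ["groupOfNames"],
     "member": [f"uid=bob,ou=people,{BASE}"]},
]
# The role is granted to the groups only, never to a user entry directly.
PERMISSIONS = {f"cn=hpc-users,ou=groups,{BASE}": "UserRole",
               f"cn=staff,ou=groups,{BASE}": "UserRole"}

def escape(value):
    """Escape a value for use in an LDAP search filter (RFC 4515)."""
    return "".join(f"\\{ord(c):02x}" if c in "\\*()\0" else c for c in value)

def group_filter(user, style):
    """Return the membership search filter each group style requires."""
    if style == "posix":
        return f"(&(objectClass=posixGroup)(memberUid={escape(user['uid'][0])}))"
    return f"(&(objectClass=groupOfNames)(member={escape(user['dn'])}))"

def resolve_groups(user, style):
    """Evaluate the membership lookup against the sample directory."""
    if style == "posix":
        wanted, attr, key = "posixGroup", "memberUid", user["uid"][0]
    else:
        wanted, attr, key = "groupOfNames", "member", user["dn"]
    return [e["dn"] for e in DIRECTORY
            if wanted in e["objectClass"] and key in e.get(attr, [])]

def may_login(login, style):
    """Authentication is assumed to have succeeded; check authorization only."""
    user = next(e for e in DIRECTORY if login in e.get("uid", []))
    principals = [user["dn"]] + resolve_groups(user, style)
    return any(p in PERMISSIONS for p in principals)

if __name__ == "__main__":
    for login in ("alice", "bob"):
        for style in ("posix", "non-posix"):
            user = next(e for e in DIRECTORY if login in e["uid"])
            print(login, style, group_filter(user, style), may_login(login, style))
```

In this model alice, whose only group is a posixGroup, is authorized with the posix lookup and refused with the non-posix one, even though her credentials are the same in both cases.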