Re: [ovirt-users] Extension aaa: No search for principal
----- Original Message -----
From: "Daniel Helgenberger"
<daniel.helgenberger(a)m-box.de>
To: "Alon Bar-Lev" <alonbl(a)redhat.com>
Cc: Users(a)ovirt.org
Sent: Tuesday, September 15, 2015 11:09:45 PM
Subject: Re: [ovirt-users] Extension aaa: No search for principal
I think I did find the issue here;
my domain is named int.corp.com
I have defined several UPN aliases and our real world users do use the UPN
@corp.com.
Using some internal user with UPN int.corp.com the authentication works as
expected; while my real world users fail.
I tried to create a new profile for that; but it fails to load off course
because the domain corp.com cannot be connected.
the user is upn, users should specify their full upn if this non default domain suffix.
you do not need a new profile.
in your case it would probably be user1(a)corp.com for user1.