On Thu, 23 Feb 2012, Yaniv Kaul wrote:
LDAP cannot be 'just used'. It needs to be connected to (we use Kerberos, many use SSL/TLS) and it needs the correct schema configuration. FreeIPA uses Kerberos and LDAP.
True, but I use LDAP to auth a bunch of boxes on a private network and that seams to work fine. Anyway... Still trying to get this to work. I now have freeipa installed with a user setup. I am able to kinit that user and everything works fine however I get the following error: [root@ovirt-engine log]# engine-manage-domains -action=add -domain=blinkmind.net -user=nathan -passwordFile=/etc/shadow -interactive Error: exception message: Integrity check on decrypted field failed (31) - PREAUTH_FAILED Failure while testing domain blinkmind.net. Details: Kerberos error. Please check log for further details.
<> Nathan Stratton CTO, BlinkMind, Inc. nathan at robotics.net nathan at blinkmind.com http://www.robotics.net http://www.blinkmind.com