On 2020-05-29 08:08, Martin Perina wrote:

Hi Stack,

if I understand correctly your custom SSL certificates are working correctly and you are able to login to webadmin using admin@internal, right?

Correct.

If the problem is, that your aaa-ldap profile is not visible in the login dialog, then there is some issue with aaa-ldap configuration. You have mentioned that you used ovirt-engine-extension-aaa-ldap-setup tool to create you aaa-ldap profile, have you executed login and search operation at the end of setup tool? If so, were they successful?

I did and yes they were.

Anyway right you can use following command to debug your aaa extensions setup:

# ovirt-engine-extensions-tool info list-extensions

Using above command, could you see authn and authz instance of your aaa-ldap profile?

I do see both authz and authn.

If so, please try below tests:

1. Checking is user search is working:

# ovirt-engine-extensions-tool aaa search --extension-name=<YOUR PROFILE AUTHZ NAME> --entity-name=<VALID LDAP USERNAME>

It does work and it returns valid information.

2. Checking if login is working

# ovirt-engine-extensions-tool aaa login-user --profile=<YOUR PROFILE NAME> --user-name=<VALID LDAP USERNAME>

A result=SUCCESS on that too!
However, I still don't see a second profile option on the web login.

Thanks for responding and giving me some help!