On 02/20/2012 12:02 PM, Yair Zaslavsky wrote:
On 02/20/2012 09:39 AM, Oved Ourfalli wrote:
Hey,
More information on the domain infrastructure we have can be found in: http://www.ovirt.org/wiki/DomainInfrastructure (I might update it more soon, but it can give you a basic view of how the domain management in oVirt is working, and what do you need to update in order to support a new ldap provider).
Oved I just would like to add that in general, when one wants to add a new LDAP server support, it should be realized that there are two main issues to take care of: a. How authentication to LDAP server is performed (examples we encountered in the past - Kerberos/GSSAPI and SIMPLE).
The lack of SSL support is glaring. Except for AD, the whole world is using SSL (TLS actually) for authentication and/or encryption.
b. How to perform the ldap queries (i.e - use proper schema)
Most products allow you to specify the search attribute (samaccountname in AD for example). Do we really need a lot more from the scheme? (The base DN to search from is also a bit missing, but that's not part of the scheme, but our own configuration) Y.
This is at least how I see it.
Yair
----- Original Message -----
From: "Itamar Heim"<iheim@redhat.com> To: "Nathan Stratton"<nathan@robotics.net> Cc: users@ovirt.org Sent: Sunday, February 19, 2012 11:14:24 PM Subject: Re: [Users] LDAP
On Sun, 19 Feb 2012, Itamar Heim wrote:
the current code supports AD, freeIPA/IPA and 389ds/RHDS. if apache directory server is similar to any of them, you could try hacking the code to add support for it. Ok, will go with 389 for now, its in the family, tho Gluster is in the family and you don't support it as a storage file system... : )
On 02/19/2012 11:11 PM, Nathan Stratton wrote: please remember you need 389ds with kerberos support.
gluster is in the works... see: http://www.ovirt.org/wiki/AddingGlusterSupportToOvirt
Just kidding, you guys are great, keep up the good work.
<> Nathan Stratton CTO, BlinkMind, Inc. nathan at robotics.net nathan at blinkmind.com http://www.robotics.net http://www.blinkmind.com
Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
_______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users