
Hi Team, Good Morning. I configured the ovirt with LDAP setup. Is there an *oVirt tool* (or any way) to add all the users from LDAP to Ovirt? *Observation* : 1) I am able to see that when I try to login with the user from LDAP, that user is added in Ovirt database, So Is there a way to sync all the users from LDAP to Ovirt using any oVirt tool or API? Any help is much appreciated. Thanks, Hari -- DISCLAIMER - *MSysTechnologies LLC* This email message, contents and its attachments may contain confidential, proprietary or legally privileged information and is intended solely for the use of the individual or entity to whom it is actually intended. If you have erroneously received this message, please permanently delete it immediately and notify the sender. If you are not the intended recipient of the email message,you are notified strictly not to disseminate,distribute or copy this e-mail.E-mail transmission cannot be guaranteed to be secure or error-free as Information could be intercepted, corrupted, lost, destroyed, incomplete or contain viruses and MSysTechnologies LLC accepts no liability for the contents and integrity of this mail or for any damage caused by the limitations of the e-mail transmission.

Guys any update on this ? Any help is much useful for me 😊 On Mon, 23 Jul 2018 at 9:04 PM, Hari Prasanth Loganathan < hariprasanth.l@msystechnologies.com> wrote:
Hi Team,
Good Morning.
I configured the ovirt with LDAP setup.
Is there an *oVirt tool* (or any way) to add all the users from LDAP to Ovirt?
*Observation* :
1) I am able to see that when I try to login with the user from LDAP, that user is added in Ovirt database, So Is there a way to sync all the users from LDAP to Ovirt using any oVirt tool or API?
Any help is much appreciated.
Thanks, Hari
-- DISCLAIMER - *MSysTechnologies LLC* This email message, contents and its attachments may contain confidential, proprietary or legally privileged information and is intended solely for the use of the individual or entity to whom it is actually intended. If you have erroneously received this message, please permanently delete it immediately and notify the sender. If you are not the intended recipient of the email message,you are notified strictly not to disseminate,distribute or copy this e-mail.E-mail transmission cannot be guaranteed to be secure or error-free as Information could be intercepted, corrupted, lost, destroyed, incomplete or contain viruses and MSysTechnologies LLC accepts no liability for the contents and integrity of this mail or for any damage caused by the limitations of the e-mail transmission.

It's not, but you can write a script which can do this. But if you want all users from the ldap are able to login I would suggest to you create some group in LDAP and add all users as a member of this group and add this group to ovirt and assign it the permissions. On 07/23/2018 08:36 PM, Hari Prasanth Loganathan wrote:
Guys any update on this ?
Any help is much useful for me 😊
On Mon, 23 Jul 2018 at 9:04 PM, Hari Prasanth Loganathan <hariprasanth.l@msystechnologies.com <mailto:hariprasanth.l@msystechnologies.com>> wrote:
Hi Team,
Good Morning.
I configured the ovirt with LDAP setup.
Is there an *oVirt tool* (or any way) to add all the users from LDAP to Ovirt?
_*Observation*_ :
1) I am able to see that when I try to login with the user from LDAP, that user is added in Ovirt database, So Is there a way to sync all the users from LDAP to Ovirt using any oVirt tool or API?
Any help is much appreciated.
Thanks, Hari
DISCLAIMER- *MSysTechnologies LLC*
This email message, contents and its attachments may contain confidential, proprietary or legally privileged information and is intended solely for the use of the individual or entity to whom it is actually intended. If you have erroneously received this message, please permanently delete it immediately and notify the sender. If you are not the intended recipient of the email message,you are notified strictly not to disseminate,distribute or copy this e-mail.E-mail transmission cannot be guaranteed to be secure or error-free as Information could be intercepted, corrupted, lost, destroyed, incomplete or contain viruses and MSysTechnologies LLC accepts no liability for the contents and integrity of this mail or for any damage caused by the limitations of the e-mail transmission.
_______________________________________________ Users mailing list -- users@ovirt.org To unsubscribe send an email to users-leave@ovirt.org Privacy Statement: https://www.ovirt.org/site/privacy-policy/ oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/ List Archives: https://lists.ovirt.org/archives/list/users@ovirt.org/message/TNDRY46K7PYM2T...

Hi Ondra, Thanks much for the suggestion. Much Appreciated. It's not, but you can write a script which can do this. - Could you give a small brief on the type of script we need to write? On Tue, Jul 24, 2018 at 12:50 PM, Ondra Machacek <omachace@redhat.com> wrote:
It's not, but you can write a script which can do this. But if you want all users from the ldap are able to login I would suggest to you create some group in LDAP and add all users as a member of this group and add this group to ovirt and assign it the permissions.
On 07/23/2018 08:36 PM, Hari Prasanth Loganathan wrote:
Guys any update on this ?
Any help is much useful for me 😊
On Mon, 23 Jul 2018 at 9:04 PM, Hari Prasanth Loganathan < hariprasanth.l@msystechnologies.com <mailto:hariprasanth.l@msystec hnologies.com>> wrote:
Hi Team,
Good Morning.
I configured the ovirt with LDAP setup.
Is there an *oVirt tool* (or any way) to add all the users from LDAP to Ovirt?
_*Observation*_ :
1) I am able to see that when I try to login with the user from LDAP, that user is added in Ovirt database, So Is there a way to sync all the users from LDAP to Ovirt using any oVirt tool or API?
Any help is much appreciated.
Thanks, Hari
DISCLAIMER- *MSysTechnologies LLC*
This email message, contents and its attachments may contain confidential, proprietary or legally privileged information and is intended solely for the use of the individual or entity to whom it is actually intended. If you have erroneously received this message, please permanently delete it immediately and notify the sender. If you are not the intended recipient of the email message,you are notified strictly not to disseminate,distribute or copy this e-mail.E-mail transmission cannot be guaranteed to be secure or error-free as Information could be intercepted, corrupted, lost, destroyed, incomplete or contain viruses and MSysTechnologies LLC accepts no liability for the contents and integrity of this mail or for any damage caused by the limitations of the e-mail transmission.
_______________________________________________ Users mailing list -- users@ovirt.org To unsubscribe send an email to users-leave@ovirt.org Privacy Statement: https://www.ovirt.org/site/privacy-policy/ oVirt Code of Conduct: https://www.ovirt.org/communit y/about/community-guidelines/ List Archives: https://lists.ovirt.org/archiv es/list/users@ovirt.org/message/TNDRY46K7PYM2TCIHR3IHUL2B6LPV2QC/
-- DISCLAIMER - *MSysTechnologies LLC* This email message, contents and its attachments may contain confidential, proprietary or legally privileged information and is intended solely for the use of the individual or entity to whom it is actually intended. If you have erroneously received this message, please permanently delete it immediately and notify the sender. If you are not the intended recipient of the email message,you are notified strictly not to disseminate,distribute or copy this e-mail.E-mail transmission cannot be guaranteed to be secure or error-free as Information could be intercepted, corrupted, lost, destroyed, incomplete or contain viruses and MSysTechnologies LLC accepts no liability for the contents and integrity of this mail or for any damage caused by the limitations of the e-mail transmission.

Also Ondra, I added the list of users in a group in LDAP and I am able to discover all the users in ovirt UI (In add users and groups tab). *Is there an API *to discover the users in LDAP and add in the user's table in Ovirt? Thanks, Hari On Tue, Jul 24, 2018 at 2:53 PM, Hari Prasanth Loganathan < hariprasanth.l@msystechnologies.com> wrote:
Hi Ondra,
Thanks much for the suggestion. Much Appreciated.
It's not, but you can write a script which can do this. - Could you give a small brief on the type of script we need to write?
On Tue, Jul 24, 2018 at 12:50 PM, Ondra Machacek <omachace@redhat.com> wrote:
It's not, but you can write a script which can do this. But if you want all users from the ldap are able to login I would suggest to you create some group in LDAP and add all users as a member of this group and add this group to ovirt and assign it the permissions.
On 07/23/2018 08:36 PM, Hari Prasanth Loganathan wrote:
Guys any update on this ?
Any help is much useful for me 😊
On Mon, 23 Jul 2018 at 9:04 PM, Hari Prasanth Loganathan < hariprasanth.l@msystechnologies.com <mailto:hariprasanth.l@msystec hnologies.com>> wrote:
Hi Team,
Good Morning.
I configured the ovirt with LDAP setup.
Is there an *oVirt tool* (or any way) to add all the users from LDAP to Ovirt?
_*Observation*_ :
1) I am able to see that when I try to login with the user from LDAP, that user is added in Ovirt database, So Is there a way to sync all the users from LDAP to Ovirt using any oVirt tool or API?
Any help is much appreciated.
Thanks, Hari
DISCLAIMER- *MSysTechnologies LLC*
This email message, contents and its attachments may contain confidential, proprietary or legally privileged information and is intended solely for the use of the individual or entity to whom it is actually intended. If you have erroneously received this message, please permanently delete it immediately and notify the sender. If you are not the intended recipient of the email message,you are notified strictly not to disseminate,distribute or copy this e-mail.E-mail transmission cannot be guaranteed to be secure or error-free as Information could be intercepted, corrupted, lost, destroyed, incomplete or contain viruses and MSysTechnologies LLC accepts no liability for the contents and integrity of this mail or for any damage caused by the limitations of the e-mail transmission.
_______________________________________________ Users mailing list -- users@ovirt.org To unsubscribe send an email to users-leave@ovirt.org Privacy Statement: https://www.ovirt.org/site/privacy-policy/ oVirt Code of Conduct: https://www.ovirt.org/communit y/about/community-guidelines/ List Archives: https://lists.ovirt.org/archiv es/list/users@ovirt.org/message/TNDRY46K7PYM2TCIHR3IHUL2B6LPV2QC/
-- DISCLAIMER - *MSysTechnologies LLC* This email message, contents and its attachments may contain confidential, proprietary or legally privileged information and is intended solely for the use of the individual or entity to whom it is actually intended. If you have erroneously received this message, please permanently delete it immediately and notify the sender. If you are not the intended recipient of the email message,you are notified strictly not to disseminate,distribute or copy this e-mail.E-mail transmission cannot be guaranteed to be secure or error-free as Information could be intercepted, corrupted, lost, destroyed, incomplete or contain viruses and MSysTechnologies LLC accepts no liability for the contents and integrity of this mail or for any damage caused by the limitations of the e-mail transmission.

Something like this should work for you: import ovirtsdk4 as sdk import ovirtsdk4.types as types DOMAIN_NAME = 'internal-authz' connection = sdk.Connection(...) users_service = connection.system_service().users_service() domains_service = connection.system_service().domains_service() domain = next((domain for domain in domains_service.list() if domain.name == DOMAIN_NAME), None) domain_service = domains_service.domain_service(domain.id) users = domain_service.users_service().list() for user in users: users_service.add( types.User( user_name=user.user_name, domain=types.Domain( name=domain.name, ), ), ) connection.close() On 07/24/2018 11:51 AM, Hari Prasanth Loganathan wrote:
Also Ondra,
I added the list of users in a group in LDAP and I am able to discover all the users in ovirt UI (In add users and groups tab). *Is there an API *to discover the users in LDAP and add in the user's table in Ovirt?
Thanks, Hari
On Tue, Jul 24, 2018 at 2:53 PM, Hari Prasanth Loganathan <hariprasanth.l@msystechnologies.com <mailto:hariprasanth.l@msystechnologies.com>> wrote:
Hi Ondra,
Thanks much for the suggestion. Much Appreciated.
It's not, but you can write a script which can do this. - Could you give a small brief on the type of script we need to write?
On Tue, Jul 24, 2018 at 12:50 PM, Ondra Machacek <omachace@redhat.com <mailto:omachace@redhat.com>> wrote:
It's not, but you can write a script which can do this. But if you want all users from the ldap are able to login I would suggest to you create some group in LDAP and add all users as a member of this group and add this group to ovirt and assign it the permissions.
On 07/23/2018 08:36 PM, Hari Prasanth Loganathan wrote:
Guys any update on this ?
Any help is much useful for me 😊
On Mon, 23 Jul 2018 at 9:04 PM, Hari Prasanth Loganathan <hariprasanth.l@msystechnologies.com <mailto:hariprasanth.l@msystechnologies.com> <mailto:hariprasanth.l@msystechnologies.com <mailto:hariprasanth.l@msystechnologies.com>>> wrote:
Hi Team,
Good Morning.
I configured the ovirt with LDAP setup.
Is there an *oVirt tool* (or any way) to add all the users from LDAP to Ovirt?
_*Observation*_ :
1) I am able to see that when I try to login with the user from LDAP, that user is added in Ovirt database, So Is there a way to sync all the users from LDAP to Ovirt using any oVirt tool or API?
Any help is much appreciated.
Thanks, Hari
DISCLAIMER- *MSysTechnologies LLC*
This email message, contents and its attachments may contain confidential, proprietary or legally privileged information and is intended solely for the use of the individual or entity to whom it is actually intended. If you have erroneously received this message, please permanently delete it immediately and notify the sender. If you are not the intended recipient of the email message,you are notified strictly not to disseminate,distribute or copy this e-mail.E-mail transmission cannot be guaranteed to be secure or error-free as Information could be intercepted, corrupted, lost, destroyed, incomplete or contain viruses and MSysTechnologies LLC accepts no liability for the contents and integrity of this mail or for any damage caused by the limitations of the e-mail transmission.
_______________________________________________ Users mailing list -- users@ovirt.org <mailto:users@ovirt.org> To unsubscribe send an email to users-leave@ovirt.org <mailto:users-leave@ovirt.org> Privacy Statement: https://www.ovirt.org/site/privacy-policy/ <https://www.ovirt.org/site/privacy-policy/> oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/ <https://www.ovirt.org/community/about/community-guidelines/> List Archives: https://lists.ovirt.org/archives/list/users@ovirt.org/message/TNDRY46K7PYM2T... <https://lists.ovirt.org/archives/list/users@ovirt.org/message/TNDRY46K7PYM2TCIHR3IHUL2B6LPV2QC/>
DISCLAIMER- *MSysTechnologies LLC*
This email message, contents and its attachments may contain confidential, proprietary or legally privileged information and is intended solely for the use of the individual or entity to whom it is actually intended. If you have erroneously received this message, please permanently delete it immediately and notify the sender. If you are not the intended recipient of the email message,you are notified strictly not to disseminate,distribute or copy this e-mail.E-mail transmission cannot be guaranteed to be secure or error-free as Information could be intercepted, corrupted, lost, destroyed, incomplete or contain viruses and MSysTechnologies LLC accepts no liability for the contents and integrity of this mail or for any damage caused by the limitations of the e-mail transmission.

Hi Ondra, We are not using ovirtSDK, It is completely new to us. *Is there an oVirt API * 1) To discover all the users in LDAP using the provided domain and namespace? 2) Add all the discovered users in Ovirt? 3) Assign the superuser permission for all the discovered users? Thanks, Hari On Tue, Jul 24, 2018 at 3:26 PM, Ondra Machacek <omachace@redhat.com> wrote:
Something like this should work for you:
import ovirtsdk4 as sdk import ovirtsdk4.types as types
DOMAIN_NAME = 'internal-authz'
connection = sdk.Connection(...)
users_service = connection.system_service().users_service()
domains_service = connection.system_service().domains_service() domain = next((domain for domain in domains_service.list() if domain.name == DOMAIN_NAME), None) domain_service = domains_service.domain_service(domain.id) users = domain_service.users_service().list() for user in users: users_service.add( types.User( user_name=user.user_name, domain=types.Domain( name=domain.name, ), ), )
connection.close()
On 07/24/2018 11:51 AM, Hari Prasanth Loganathan wrote:
Also Ondra,
I added the list of users in a group in LDAP and I am able to discover all the users in ovirt UI (In add users and groups tab). *Is there an API *to discover the users in LDAP and add in the user's table in Ovirt?
Thanks, Hari
On Tue, Jul 24, 2018 at 2:53 PM, Hari Prasanth Loganathan < hariprasanth.l@msystechnologies.com <mailto:hariprasanth.l@msystec hnologies.com>> wrote:
Hi Ondra,
Thanks much for the suggestion. Much Appreciated.
It's not, but you can write a script which can do this. - Could you give a small brief on the type of script we need to write?
On Tue, Jul 24, 2018 at 12:50 PM, Ondra Machacek <omachace@redhat.com <mailto:omachace@redhat.com>> wrote:
It's not, but you can write a script which can do this. But if you want all users from the ldap are able to login I would suggest to you create some group in LDAP and add all users as a member of this group and add this group to ovirt and assign it the permissions.
On 07/23/2018 08:36 PM, Hari Prasanth Loganathan wrote:
Guys any update on this ?
Any help is much useful for me 😊
On Mon, 23 Jul 2018 at 9:04 PM, Hari Prasanth Loganathan <hariprasanth.l@msystechnologies.com <mailto:hariprasanth.l@msystechnologies.com> <mailto:hariprasanth.l@msystechnologies.com
<mailto:hariprasanth.l@msystechnologies.com>>> wrote:
Hi Team,
Good Morning.
I configured the ovirt with LDAP setup.
Is there an *oVirt tool* (or any way) to add all the users from LDAP to Ovirt?
_*Observation*_ :
1) I am able to see that when I try to login with the user from LDAP, that user is added in Ovirt database, So Is there a way to sync all the users from LDAP to Ovirt using any oVirt tool or API?
Any help is much appreciated.
Thanks, Hari
DISCLAIMER- *MSysTechnologies LLC*
This email message, contents and its attachments may contain confidential, proprietary or legally privileged information and is intended solely for the use of the individual or entity to whom it is actually intended. If you have erroneously received this message, please permanently delete it immediately and notify the sender. If you are not the intended recipient of the email message,you are notified strictly not to disseminate,distribute or copy this e-mail.E-mail transmission cannot be guaranteed to be secure or error-free as Information could be intercepted, corrupted, lost, destroyed, incomplete or contain viruses and MSysTechnologies LLC accepts no liability for the contents and integrity of this mail or for any damage caused by the limitations of the e-mail transmission.
_______________________________________________ Users mailing list -- users@ovirt.org <mailto:users@ovirt.org
To unsubscribe send an email to users-leave@ovirt.org <mailto:users-leave@ovirt.org> Privacy Statement: https://www.ovirt.org/site/privacy-policy/ <https://www.ovirt.org/site/privacy-policy/> oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/ <https://www.ovirt.org/community/about/community-guidelines/> List Archives: https://lists.ovirt.org/archives/list/users@ovirt.org/messag e/TNDRY46K7PYM2TCIHR3IHUL2B6LPV2QC/ <https://lists.ovirt.org/archives/list/users@ovirt.org/messa ge/TNDRY46K7PYM2TCIHR3IHUL2B6LPV2QC/>
DISCLAIMER- *MSysTechnologies LLC*
This email message, contents and its attachments may contain confidential, proprietary or legally privileged information and is intended solely for the use of the individual or entity to whom it is actually intended. If you have erroneously received this message, please permanently delete it immediately and notify the sender. If you are not the intended recipient of the email message,you are notified strictly not to disseminate,distribute or copy this e-mail.E-mail transmission cannot be guaranteed to be secure or error-free as Information could be intercepted, corrupted, lost, destroyed, incomplete or contain viruses and MSysTechnologies LLC accepts no liability for the contents and integrity of this mail or for any damage caused by the limitations of the e-mail transmission.
-- DISCLAIMER - *MSysTechnologies LLC* This email message, contents and its attachments may contain confidential, proprietary or legally privileged information and is intended solely for the use of the individual or entity to whom it is actually intended. If you have erroneously received this message, please permanently delete it immediately and notify the sender. If you are not the intended recipient of the email message,you are notified strictly not to disseminate,distribute or copy this e-mail.E-mail transmission cannot be guaranteed to be secure or error-free as Information could be intercepted, corrupted, lost, destroyed, incomplete or contain viruses and MSysTechnologies LLC accepts no liability for the contents and integrity of this mail or for any damage caused by the limitations of the e-mail transmission.

If it's possible in SDK it's also possible in API. To get all domains: http://ovirt.github.io/ovirt-engine-api-model/4.2/#services/domains/methods/... To get all users in domain: http://ovirt.github.io/ovirt-engine-api-model/4.2/#services/domain_users/met... To add user from domain: http://ovirt.github.io/ovirt-engine-api-model/4.2/#services/users/methods/ad... To assign permissions to added user: http://ovirt.github.io/ovirt-engine-api-model/4.2/#services/assigned_permiss... On 07/24/2018 12:06 PM, Hari Prasanth Loganathan wrote:
Hi Ondra,
We are not using ovirtSDK, It is completely new to us.
*Is there an oVirt API * 1) To discover all the users in LDAP using the provided domain and namespace? 2) Add all the discovered users in Ovirt? 3) Assign the superuser permission for all the discovered users?
Thanks, Hari
On Tue, Jul 24, 2018 at 3:26 PM, Ondra Machacek <omachace@redhat.com <mailto:omachace@redhat.com>> wrote:
Something like this should work for you:
import ovirtsdk4 as sdk import ovirtsdk4.types as types
DOMAIN_NAME = 'internal-authz'
connection = sdk.Connection(...)
users_service = connection.system_service().users_service()
domains_service = connection.system_service().domains_service() domain = next((domain for domain in domains_service.list() if domain.name <http://domain.name> == DOMAIN_NAME), None) domain_service = domains_service.domain_service(domain.id <http://domain.id>) users = domain_service.users_service().list() for user in users: users_service.add( types.User( user_name=user.user_name, domain=types.Domain( name=domain.name <http://domain.name>, ), ), )
connection.close()
On 07/24/2018 11:51 AM, Hari Prasanth Loganathan wrote:
Also Ondra,
I added the list of users in a group in LDAP and I am able to discover all the users in ovirt UI (In add users and groups tab). *Is there an API *to discover the users in LDAP and add in the user's table in Ovirt?
Thanks, Hari
On Tue, Jul 24, 2018 at 2:53 PM, Hari Prasanth Loganathan <hariprasanth.l@msystechnologies.com <mailto:hariprasanth.l@msystechnologies.com> <mailto:hariprasanth.l@msystechnologies.com <mailto:hariprasanth.l@msystechnologies.com>>> wrote:
Hi Ondra,
Thanks much for the suggestion. Much Appreciated.
It's not, but you can write a script which can do this. - Could you give a small brief on the type of script we need to write?
On Tue, Jul 24, 2018 at 12:50 PM, Ondra Machacek <omachace@redhat.com <mailto:omachace@redhat.com> <mailto:omachace@redhat.com <mailto:omachace@redhat.com>>> wrote:
It's not, but you can write a script which can do this. But if you want all users from the ldap are able to login I would suggest to you create some group in LDAP and add all users as a member of this group and add this group to ovirt and assign it the permissions.
On 07/23/2018 08:36 PM, Hari Prasanth Loganathan wrote:
Guys any update on this ?
Any help is much useful for me 😊
On Mon, 23 Jul 2018 at 9:04 PM, Hari Prasanth Loganathan <hariprasanth.l@msystechnologies.com <mailto:hariprasanth.l@msystechnologies.com> <mailto:hariprasanth.l@msystechnologies.com <mailto:hariprasanth.l@msystechnologies.com>> <mailto:hariprasanth.l@msystechnologies.com <mailto:hariprasanth.l@msystechnologies.com>
<mailto:hariprasanth.l@msystechnologies.com <mailto:hariprasanth.l@msystechnologies.com>>>> wrote:
Hi Team,
Good Morning.
I configured the ovirt with LDAP setup.
Is there an *oVirt tool* (or any way) to add all the users from LDAP to Ovirt?
_*Observation*_ :
1) I am able to see that when I try to login with the user from LDAP, that user is added in Ovirt database, So Is there a way to sync all the users from LDAP to Ovirt using any oVirt tool or API?
Any help is much appreciated.
Thanks, Hari
DISCLAIMER- *MSysTechnologies LLC*
This email message, contents and its attachments may contain confidential, proprietary or legally privileged information and is intended solely for the use of the individual or entity to whom it is actually intended. If you have erroneously received this message, please permanently delete it immediately and notify the sender. If you are not the intended recipient of the email message,you are notified strictly not to disseminate,distribute or copy this e-mail.E-mail transmission cannot be guaranteed to be secure or error-free as Information could be intercepted, corrupted, lost, destroyed, incomplete or contain viruses and MSysTechnologies LLC accepts no liability for the contents and integrity of this mail or for any damage caused by the limitations of the e-mail transmission.
_______________________________________________ Users mailing list -- users@ovirt.org <mailto:users@ovirt.org> <mailto:users@ovirt.org <mailto:users@ovirt.org>> To unsubscribe send an email to users-leave@ovirt.org <mailto:users-leave@ovirt.org> <mailto:users-leave@ovirt.org <mailto:users-leave@ovirt.org>> Privacy Statement: https://www.ovirt.org/site/privacy-policy/ <https://www.ovirt.org/site/privacy-policy/> <https://www.ovirt.org/site/privacy-policy/ <https://www.ovirt.org/site/privacy-policy/>> oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/ <https://www.ovirt.org/community/about/community-guidelines/>
<https://www.ovirt.org/community/about/community-guidelines/ <https://www.ovirt.org/community/about/community-guidelines/>> List Archives: https://lists.ovirt.org/archives/list/users@ovirt.org/message/TNDRY46K7PYM2T... <https://lists.ovirt.org/archives/list/users@ovirt.org/message/TNDRY46K7PYM2TCIHR3IHUL2B6LPV2QC/>
<https://lists.ovirt.org/archives/list/users@ovirt.org/message/TNDRY46K7PYM2T... <https://lists.ovirt.org/archives/list/users@ovirt.org/message/TNDRY46K7PYM2TCIHR3IHUL2B6LPV2QC/>>
DISCLAIMER- *MSysTechnologies LLC*
This email message, contents and its attachments may contain confidential, proprietary or legally privileged information and is intended solely for the use of the individual or entity to whom it is actually intended. If you have erroneously received this message, please permanently delete it immediately and notify the sender. If you are not the intended recipient of the email message,you are notified strictly not to disseminate,distribute or copy this e-mail.E-mail transmission cannot be guaranteed to be secure or error-free as Information could be intercepted, corrupted, lost, destroyed, incomplete or contain viruses and MSysTechnologies LLC accepts no liability for the contents and integrity of this mail or for any damage caused by the limitations of the e-mail transmission.
DISCLAIMER- *MSysTechnologies LLC*
This email message, contents and its attachments may contain confidential, proprietary or legally privileged information and is intended solely for the use of the individual or entity to whom it is actually intended. If you have erroneously received this message, please permanently delete it immediately and notify the sender. If you are not the intended recipient of the email message,you are notified strictly not to disseminate,distribute or copy this e-mail.E-mail transmission cannot be guaranteed to be secure or error-free as Information could be intercepted, corrupted, lost, destroyed, incomplete or contain viruses and MSysTechnologies LLC accepts no liability for the contents and integrity of this mail or for any damage caused by the limitations of the e-mail transmission.

Thank you so much, Ondra. Your help is greatly appreciated. On Tue, Jul 24, 2018 at 3:41 PM, Ondra Machacek <omachace@redhat.com> wrote:
If it's possible in SDK it's also possible in API.
To get all domains:
http://ovirt.github.io/ovirt-engine-api-model/4.2/#services/ domains/methods/list
To get all users in domain:
http://ovirt.github.io/ovirt-engine-api-model/4.2/#services/ domain_users/methods/list
To add user from domain:
http://ovirt.github.io/ovirt-engine-api-model/4.2/#services/ users/methods/add
To assign permissions to added user:
http://ovirt.github.io/ovirt-engine-api-model/4.2/#services/ assigned_permissions/methods/add
On 07/24/2018 12:06 PM, Hari Prasanth Loganathan wrote:
Hi Ondra,
We are not using ovirtSDK, It is completely new to us.
*Is there an oVirt API * 1) To discover all the users in LDAP using the provided domain and namespace? 2) Add all the discovered users in Ovirt? 3) Assign the superuser permission for all the discovered users?
Thanks, Hari
On Tue, Jul 24, 2018 at 3:26 PM, Ondra Machacek <omachace@redhat.com <mailto:omachace@redhat.com>> wrote:
Something like this should work for you:
import ovirtsdk4 as sdk import ovirtsdk4.types as types
DOMAIN_NAME = 'internal-authz'
connection = sdk.Connection(...)
users_service = connection.system_service().users_service()
domains_service = connection.system_service().domains_service() domain = next((domain for domain in domains_service.list() if domain.name <http://domain.name> == DOMAIN_NAME), None) domain_service = domains_service.domain_service(domain.id <http://domain.id>) users = domain_service.users_service().list() for user in users: users_service.add( types.User( user_name=user.user_name, domain=types.Domain( name=domain.name <http://domain.name>, ), ), )
connection.close()
On 07/24/2018 11:51 AM, Hari Prasanth Loganathan wrote:
Also Ondra,
I added the list of users in a group in LDAP and I am able to discover all the users in ovirt UI (In add users and groups tab). *Is there an API *to discover the users in LDAP and add in the user's table in Ovirt?
Thanks, Hari
On Tue, Jul 24, 2018 at 2:53 PM, Hari Prasanth Loganathan <hariprasanth.l@msystechnologies.com <mailto:hariprasanth.l@msystechnologies.com> <mailto:hariprasanth.l@msystechnologies.com <mailto:hariprasanth.l@msystechnologies.com>>> wrote:
Hi Ondra,
Thanks much for the suggestion. Much Appreciated.
It's not, but you can write a script which can do this. - Could you give a small brief on the type of script we need to write?
On Tue, Jul 24, 2018 at 12:50 PM, Ondra Machacek <omachace@redhat.com <mailto:omachace@redhat.com> <mailto:omachace@redhat.com <mailto:omachace@redhat.com>>> wrote:
It's not, but you can write a script which can do this. But if you want all users from the ldap are able to login I would suggest to you create some group in LDAP and add all users as a member of this group and add this group to ovirt and assign it the permissions.
On 07/23/2018 08:36 PM, Hari Prasanth Loganathan wrote:
Guys any update on this ?
Any help is much useful for me 😊
On Mon, 23 Jul 2018 at 9:04 PM, Hari Prasanth Loganathan <hariprasanth.l@msystechnologies.com <mailto:hariprasanth.l@msystechnologies.com> <mailto:hariprasanth.l@msystechnologies.com <mailto:hariprasanth.l@msystechnologies.com>> <mailto:hariprasanth.l@msystechnologies.com <mailto:hariprasanth.l@msystechnologies.com>
<mailto:hariprasanth.l@msystechnologies.com <mailto:hariprasanth.l@msystechnologies.com>>>> wrote:
Hi Team,
Good Morning.
I configured the ovirt with LDAP setup.
Is there an *oVirt tool* (or any way) to add all the users from LDAP to Ovirt?
_*Observation*_ :
1) I am able to see that when I try to login with the user from LDAP, that user is added in Ovirt database, So Is there a way to sync all the users from LDAP to Ovirt using any oVirt tool or API?
Any help is much appreciated.
Thanks, Hari
DISCLAIMER- *MSysTechnologies LLC*
This email message, contents and its attachments may contain confidential, proprietary or legally privileged information and is intended solely for the use of the individual or entity to whom it is actually intended. If you have erroneously received this message, please permanently delete it immediately and notify the sender. If you are not the intended recipient of the email message,you are notified strictly not to disseminate,distribute or copy this e-mail.E-mail transmission cannot be guaranteed to be secure or error-free as Information could be intercepted, corrupted, lost, destroyed, incomplete or contain viruses and MSysTechnologies LLC accepts no liability for the contents and integrity of this mail or for any damage caused by the limitations of the e-mail transmission.
_______________________________________________ Users mailing list -- users@ovirt.org <mailto:users@ovirt.org> <mailto:users@ovirt.org <mailto:users@ovirt.org>> To unsubscribe send an email to users-leave@ovirt.org <mailto:users-leave@ovirt.org> <mailto:users-leave@ovirt.org
<mailto:users-leave@ovirt.org>> Privacy Statement: https://www.ovirt.org/site/privacy-policy/ <https://www.ovirt.org/site/privacy-policy/> <https://www.ovirt.org/site/privacy-policy/ <https://www.ovirt.org/site/privacy-policy/>> oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/ <https://www.ovirt.org/community/about/community-guidelines/> <https://www.ovirt.org/communi ty/about/community-guidelines/ <https://www.ovirt.org/community/about/community-guidelines/>> List Archives: https://lists.ovirt.org/archives/list/users@ovirt.org/messag e/TNDRY46K7PYM2TCIHR3IHUL2B6LPV2QC/ <https://lists.ovirt.org/archives/list/users@ovirt.org/messa ge/TNDRY46K7PYM2TCIHR3IHUL2B6LPV2QC/> <https://lists.ovirt.org/archi ves/list/users@ovirt.org/message/TNDRY46K7PYM2TCIHR3IHUL2B6LPV2QC/ <https://lists.ovirt.org/archives/list/users@ovirt.org/messa ge/TNDRY46K7PYM2TCIHR3IHUL2B6LPV2QC/>>
DISCLAIMER- *MSysTechnologies LLC*
This email message, contents and its attachments may contain confidential, proprietary or legally privileged information and is intended solely for the use of the individual or entity to whom it is actually intended. If you have erroneously received this message, please permanently delete it immediately and notify the sender. If you are not the intended recipient of the email message,you are notified strictly not to disseminate,distribute or copy this e-mail.E-mail transmission cannot be guaranteed to be secure or error-free as Information could be intercepted, corrupted, lost, destroyed, incomplete or contain viruses and MSysTechnologies LLC accepts no liability for the contents and integrity of this mail or for any damage caused by the limitations of the e-mail transmission.
DISCLAIMER- *MSysTechnologies LLC*
This email message, contents and its attachments may contain confidential, proprietary or legally privileged information and is intended solely for the use of the individual or entity to whom it is actually intended. If you have erroneously received this message, please permanently delete it immediately and notify the sender. If you are not the intended recipient of the email message,you are notified strictly not to disseminate,distribute or copy this e-mail.E-mail transmission cannot be guaranteed to be secure or error-free as Information could be intercepted, corrupted, lost, destroyed, incomplete or contain viruses and MSysTechnologies LLC accepts no liability for the contents and integrity of this mail or for any damage caused by the limitations of the e-mail transmission.
-- DISCLAIMER - *MSysTechnologies LLC* This email message, contents and its attachments may contain confidential, proprietary or legally privileged information and is intended solely for the use of the individual or entity to whom it is actually intended. If you have erroneously received this message, please permanently delete it immediately and notify the sender. If you are not the intended recipient of the email message,you are notified strictly not to disseminate,distribute or copy this e-mail.E-mail transmission cannot be guaranteed to be secure or error-free as Information could be intercepted, corrupted, lost, destroyed, incomplete or contain viruses and MSysTechnologies LLC accepts no liability for the contents and integrity of this mail or for any damage caused by the limitations of the e-mail transmission.

Hi Hari, are you sure you want to assign the superuser permission for all the discovered users? What level are you applying it to as it means everyone can change or delete everything below that level. We put users into a directory group and give permissions to the group as Ondra suggested, then we only need to add users to oVirt if we need to add permissions to individual users. Regards, Paul S.

Hi Paul, This API add's the user to ovirt with the domain. http://ovirt.github.io/ovirt-engine-api-model/4.2/#services/ users/methods/add But Is there an API to add the user *and also map the user to the group*? On Tue, Jul 24, 2018 at 7:31 PM, <p.staniforth@leedsbeckett.ac.uk> wrote:
Hi Hari, are you sure you want to assign the superuser permission for all the discovered users? What level are you applying it to as it means everyone can change or delete everything below that level.
We put users into a directory group and give permissions to the group as Ondra suggested, then we only need to add users to oVirt if we need to add permissions to individual users.
Regards, Paul S. _______________________________________________ Users mailing list -- users@ovirt.org To unsubscribe send an email to users-leave@ovirt.org Privacy Statement: https://www.ovirt.org/site/privacy-policy/ oVirt Code of Conduct: https://www.ovirt.org/community/about/community- guidelines/ List Archives: https://lists.ovirt.org/archives/list/users@ovirt.org/ message/IIGG7BZENMHXHQLKOQCO5OCJMFBFTJJH/
-- DISCLAIMER - *MSysTechnologies LLC* This email message, contents and its attachments may contain confidential, proprietary or legally privileged information and is intended solely for the use of the individual or entity to whom it is actually intended. If you have erroneously received this message, please permanently delete it immediately and notify the sender. If you are not the intended recipient of the email message,you are notified strictly not to disseminate,distribute or copy this e-mail.E-mail transmission cannot be guaranteed to be secure or error-free as Information could be intercepted, corrupted, lost, destroyed, incomplete or contain viruses and MSysTechnologies LLC accepts no liability for the contents and integrity of this mail or for any damage caused by the limitations of the e-mail transmission.

Hi Hari, Adding the users to the group is done by the Directory Server (LDAP) so it's separate from the oVirt system. You could have it done by the same program/script your using to add users/groups to the oVirt system but it would be an ldap call to the Directory Server. https://www.python-ldap.org/en/latest/ http://ovirt.github.io/ovirt-engine-api-model/4.2/#services/groups https://github.com/oVirt/ovirt-engine-sdk/blob/master/sdk/examples/add_group... Regards, Paul S.
participants (3)
-
Hari Prasanth Loganathan
-
Ondra Machacek
-
p.staniforth@leedsbeckett.ac.uk