
I'm able to set up Active Directory authentication if my ovirt engine is set to use dns that is hosted on the same system as Active Directory. However, if I use static host entries in my engine "hosts" file instead of using dns I'm getting the error "ldap server for domain not found" when I issue the command: "engine-manage-domains -action=add -domain='ovirt.local' -user='admin' -provider=ActiveDirectory -interactive" from the engine. I've googled to death how to configure static entries on my engine system for the ldap server and it seems that I need to configure my nsswitch and ldap.conf files but still no luck... Any ideas??

----- Original Message -----
From: "Ryan Wilkinson" <ryanwilk@gmail.com>
To: users@ovirt.org
Sent: Thursday, March 28, 2013 2:42:56 PM
Subject: [Users] ldap

I'm able to set up Active Directory authentication if my ovirt engine is set to use dns that is hosted on the same system as Active Directory. However, if I use static host entries in my engine "hosts" file instead of using dns I'm getting the error "ldap server for domain not found" when I issue the command: "engine-manage-domains -action=add -domain='ovirt.local' -user='admin' -provider=ActiveDirectory -interactive" from the engine. I've googled to death how to configure static entries on my engine system for the ldap server and it seems that I need to configure my nsswitch and ldap.conf files but still no luck... Any ideas??

Hi Ryan,
To work with LDAP you currently need to have both LDAP and Kerberos SRV records in the DNS, as well as a PTR record. If you would like to work locally I can suggest working with dnsmasq (lightweight DHCP and caching DNS server) locally, defining these entries there, and setting /etc/resolv.conf properly, so that it would access it. The configuration is in /etc/dnsmasq.conf (or in /etc/dnsmasq.d/...).

Example for LDAP and Kerberos records:

    srv-host=_ldap._tcp.my_domain.com,ad.my_domain.com,389
    srv-host=_kerberos._tcp.my_domain.com,ad.my_domain.com,88

and, afaik, it also takes /etc/hosts and creates PTR records for the entries there, so that should be enough, if you add your AD host in /etc/hosts (I guess you can also add those manually in dnsmasq).

Let me know if you need further assistance.

Oved
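An offline check of the setup described in the reply above, as an added example that is not part of the original thread: it reads the text of a dnsmasq config and a hosts file and reports which LDAP/Kerberos SRV records or AD host entries are missing for a domain. The function names, the `ovirt.local` sample values and the rule that each SRV target must appear in the hosts file are assumptions made for illustration, following the reply's suggestion.

```python
REQUIRED_SRV = {"_ldap._tcp": 389, "_kerberos._tcp": 88}  # ports from the reply

def _lines(text):
    """Yield lines with '#' comments and blank lines removed."""
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if line:
            yield line

def parse_srv_hosts(dnsmasq_conf):
    """Map SRV owner name -> (target, port) from srv-host= lines."""
    records = {}
    for line in _lines(dnsmasq_conf):
        key, _, value = line.partition("=")
        if key.strip() != "srv-host":
            continue
        fields = [f.strip().lower() for f in value.split(",")]
        target = fields[1] if len(fields) > 1 else ""
        port = int(fields[2]) if len(fields) > 2 and fields[2].isdigit() else None
        records[fields[0]] = (target, port)
    return records

def parse_hosts(hosts_text):
    """Map each hostname in an /etc/hosts style file to its address."""
    names = {}
    for line in _lines(hosts_text):
        addr, *hostnames = line.split()
        for name in hostnames:
            names.setdefault(name.lower(), addr)
    return names

def check_ad_dns(domain, dnsmasq_conf, hosts_text):
    """Return a list of problems; an empty list means every check passed."""
    srv, hosts, problems = parse_srv_hosts(dnsmasq_conf), parse_hosts(hosts_text), []
    for service, port in REQUIRED_SRV.items():
        owner = f"{service}.{domain}".lower()
        if owner not in srv:
            problems.append(f"missing srv-host for {owner}")
            continue
        target, got_port = srv[owner]
        if got_port != port:
            problems.append(f"{owner}: port {got_port}, expected {port}")
        if target not in hosts:
            problems.append(f"{owner}: target {target} has no hosts entry")
    return problems

# Constructed sample input: Kerberos record and AD hosts entry deliberately missing.
SAMPLE_CONF = "srv-host=_ldap._tcp.ovirt.local,ad.ovirt.local,389\n"
SAMPLE_HOSTS = "127.0.0.1 localhost\n"
print(check_ad_dns("ovirt.local", SAMPLE_CONF, SAMPLE_HOSTS))
```

Pass it the contents of /etc/dnsmasq.conf (plus any files under /etc/dnsmasq.d/) and /etc/hosts before running engine-manage-domains.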