6:09 p.m.
Hi All,
I managed to use OpenLDAP to integrate with oVirt 3.4.0-0.5.beta1. For
this, I followed (more or less, I used a Raspberry Pi and Raspbian)
instructions as found on http://www.ovirt.org/LDAP_Quick_Start
It all seems to work well, I am able to connect to a domain, login etc.
and assign some roles to users.
However, I cannot use (ldap) groups it seems. I cann add a group in the
ovirt gui, but (in the tab General) "Active" remain "false".
A I missing something...?
Winfried
1:01 a.m.
----- Original Message -----
From: "Winfried de Heiden - Voorwinde" <wdh(a)dds.nl>
To: users(a)ovirt.org
Sent: Sunday, February 2, 2014 5:09:01 PM
Subject: [Users] ovirt 3.4.0-0.5.beta1 and OpenLDAP groups
Hi All,
I managed to use OpenLDAP to integrate with oVirt 3.4.0-0.5.beta1. For
this, I followed (more or less, I used a Raspberry Pi and Raspbian)
instructions as found on http://www.ovirt.org/LDAP_Quick_Start
It all seems to work well, I am able to connect to a domain, login etc.
and assign some roles to users.
However, I cannot use (ldap) groups it seems. I cann add a group in the
ovirt gui, but (in the tab General) "Active" remain "false".
A I missing something...?
HI Winfried, I have a question for you -
When you add the group , can you use one of its user to perform an operation the group has
permission to perform? for example, if the group has login permissions, can you login with
a user that belongs to the group?
I'm looking at the code, and this might be an issue that the "active" flag
is simply not set on a group.
Winfried
_______________________________________________
Users mailing list
Users(a)ovirt.org
http://lists.ovirt.org/mailman/listinfo/users
2:32 a.m.
On 02/02/2014 11:01 PM, Yair Zaslavsky wrote:
----- Original Message -----
> From: "Winfried de Heiden - Voorwinde" <wdh(a)dds.nl>
> To: users(a)ovirt.org
> Sent: Sunday, February 2, 2014 5:09:01 PM
> Subject: [Users] ovirt 3.4.0-0.5.beta1 and OpenLDAP groups
>
> Hi All,
>
> I managed to use OpenLDAP to integrate with oVirt 3.4.0-0.5.beta1. For
> this, I followed (more or less, I used a Raspberry Pi and Raspbian)
> instructions as found on http://www.ovirt.org/LDAP_Quick_Start
>
> It all seems to work well, I am able to connect to a domain, login etc.
> and assign some roles to users.
> However, I cannot use (ldap) groups it seems. I cann add a group in the
> ovirt gui, but (in the tab General) "Active" remain "false".
>
> A I missing something...?
HI Winfried, I have a question for you -
When you add the group , can you use one of its user to perform an operation the group
has permission to perform? for example, if the group has login permissions, can you login
with a user that belongs to the group?
I'm looking at the code, and this might be an issue that the "active" flag
is simply not set on a group.
Yair - why would active be set on a group?
2:45 a.m.
----- Original Message -----
From: "Itamar Heim" <iheim(a)redhat.com>
To: "Yair Zaslavsky" <yzaslavs(a)redhat.com>, "Winfried de Heiden -
Voorwinde" <wdh(a)dds.nl>
Cc: users(a)ovirt.org
Sent: Monday, February 3, 2014 1:32:00 AM
Subject: Re: [Users] ovirt 3.4.0-0.5.beta1 and OpenLDAP groups
On 02/02/2014 11:01 PM, Yair Zaslavsky wrote:
>
>
> ----- Original Message -----
>> From: "Winfried de Heiden - Voorwinde" <wdh(a)dds.nl>
>> To: users(a)ovirt.org
>> Sent: Sunday, February 2, 2014 5:09:01 PM
>> Subject: [Users] ovirt 3.4.0-0.5.beta1 and OpenLDAP groups
>>
>> Hi All,
>>
>> I managed to use OpenLDAP to integrate with oVirt 3.4.0-0.5.beta1. For
>> this, I followed (more or less, I used a Raspberry Pi and Raspbian)
>> instructions as found on http://www.ovirt.org/LDAP_Quick_Start
>>
>> It all seems to work well, I am able to connect to a domain, login etc.
>> and assign some roles to users.
>> However, I cannot use (ldap) groups it seems. I cann add a group in the
>> ovirt gui, but (in the tab General) "Active" remain
"false".
>>
>> A I missing something...?
>
> HI Winfried, I have a question for you -
> When you add the group , can you use one of its user to perform an
> operation the group has permission to perform? for example, if the group
> has login permissions, can you login with a user that belongs to the
> group?
> I'm looking at the code, and this might be an issue that the "active"
flag
> is simply not set on a group.
Yair - why would active be set on a group?
Itamar - I don't think there is a sense in that.
At engine-core- not being set.
At UI - I think the code should be revisited, in AdElementListModel there are places where
we create user objects and store in side them group information. later on we store these
objects at the groups collection of the model, and this model is being used to present the
list of users and groups.
3946
days inactive
3946
days old
3 comments
3 participants
participants (3)
-
Itamar Heim -
Winfried de Heiden - Voorwinde -
Yair Zaslavsky