Hello, I have tried googling and searching in the documentation, but i can't seem to find any instructions on how to remove a authentication source. The background is that i did set up an FreeIPA server for auth, worked perfectly, but i ran into some problems using that to auth other systems, so i had to setup a new FreeIPA server and added that to oVirt, but now i want to remove the old one, but can not seem to find how. Anyone sitting on that info? And while on the subject, how do i set the FreeIPA auth as default auth source in oVirt? Regards Magnus
Hello, On Wed, Nov 15, 2017 at 9:03 AM, Magnus Isaksson <magnus.isaksson@ilw.se> wrote:
Hello,
I have tried googling and searching in the documentation, but i can't seem to find any instructions on how to remove a authentication source.
The background is that i did set up an FreeIPA server for auth, worked perfectly, but i ran into some problems using that to auth other systems, so i had to setup a new FreeIPA server and added that to oVirt, but now i want to remove the old one, but can not seem to find how. Anyone sitting on that info?
You have to remove the extension files of the old IPA server. It's following files: - /etc/ovirt-engine/extensions.d/ipa-old-authn.properties - /etc/ovirt-engine/extensions.d/ipa-old-authn.properties - /etc/ovirt-engine/aaa/ipa-old.properties Also don't forget to remove all users and groups of the old profile via webadmin.
And while on the subject, how do i set the FreeIPA auth as default auth source in oVirt?
Yes, this is supported since 4.0 release. You can check more info in this bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1296274 What you need to do is, add this line: ovirt.engine.aaa.authn.default.profile=true to your authn properties file of the profile, you want to have the default.
Regards Magnus
_______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
participants (2)
-
Magnus Isaksson -
Ondra Machacek