[Users] AD authentication for ovirt manager
--_000_9BE6F493F83A594DA60C45E6A09DC5AC2EFD3FF5AUSP01DAG0201_ Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Is there a write up out there for setting up ovirt users and adminstrators = to authenticate into the portal via AD? Thanks, Jonathan ________________________________ This is a PRIVATE message. If you are not the intended recipient, please de= lete without copying and kindly advise us by e-mail of the mistake in deliv= ery. NOTE: Regardless of content, this e-mail shall not operate to bind SKO= POS to any order or other contract unless pursuant to explicit written agre= ement or government initiative expressly permitting the use of e-mail for s= uch purpose. --_000_9BE6F493F83A594DA60C45E6A09DC5AC2EFD3FF5AUSP01DAG0201_ Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable <html> <head> <meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3Dus-ascii"=
<style> <!-- @font-face {font-family:Calibri} @font-face {font-family:Tahoma} p.MsoNormal, li.MsoNormal, div.MsoNormal {margin:0in; margin-bottom:.0001pt; font-size:11.0pt; font-family:"Calibri","sans-serif"} a:link, span.MsoHyperlink {color:blue; text-decoration:underline} a:visited, span.MsoHyperlinkFollowed {color:purple; text-decoration:underline} p.MsoAcetate, li.MsoAcetate, div.MsoAcetate {margin:0in; margin-bottom:.0001pt; font-size:8.0pt; font-family:"Tahoma","sans-serif"} span.EmailStyle17 {font-family:"Calibri","sans-serif"; color:windowtext} span.BalloonTextChar {font-family:"Tahoma","sans-serif"} .MsoChpDefault {font-family:"Calibri","sans-serif"} @page WordSection1 {margin:1.0in 1.0in 1.0in 1.0in} div.WordSection1 {} --> </style> </head> <body lang=3D"EN-US" link=3D"blue" vlink=3D"purple"> <div class=3D"WordSection1"> <p class=3D"MsoNormal">Is there a write up out there for setting up ovirt u= sers and adminstrators to authenticate into the portal via AD?</p> <p class=3D"MsoNormal"> </p> <p class=3D"MsoNormal">Thanks,</p> <p class=3D"MsoNormal">Jonathan </p> <p class=3D"MsoNormal"> </p> </div> <br> <hr> <font color=3D"Gray" face=3D"Arial" size=3D"1">This is a PRIVATE message. I= f you are not the intended recipient, please delete without copying and kin= dly advise us by e-mail of the mistake in delivery. NOTE: Regardless of con= tent, this e-mail shall not operate to bind SKOPOS to any order or other contract unless pursuant to explicit wri= tten agreement or government initiative expressly permitting the use of e-m= ail for such purpose.</font> </body> </html> --_000_9BE6F493F83A594DA60C45E6A09DC5AC2EFD3FF5AUSP01DAG0201_--
Hello Jonathan, I believe you can use the Red Hat Documentation for this. https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Virtua... One of the "gotchas" that I ran into is that you need to specify the Active Directory as your DNS provider in your resolv.conf file (not sure if it was coincidence or not; but I ran into some issues that went away when I did this) HTH Thank you, Christian Hernandez 1225 Los Angeles Street Glendale, CA 91204 Phone: 877-782-2737 ext. 4566 Fax: 818-265-3152 christianh@4over.com <mailto:christianh@4over.com> www.4over.com <http://www.4over.com> On Mon, Apr 22, 2013 at 2:57 PM, Jonathan Horne <jhorne@skopos.us> wrote:
Is there a write up out there for setting up ovirt users and adminstrators to authenticate into the portal via AD?
Thanks,
Jonathan
------------------------------ This is a PRIVATE message. If you are not the intended recipient, please delete without copying and kindly advise us by e-mail of the mistake in delivery. NOTE: Regardless of content, this e-mail shall not operate to bind SKOPOS to any order or other contract unless pursuant to explicit written agreement or government initiative expressly permitting the use of e-mail for such purpose.
_______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Also set your Active Directory source as your time synchronization provider. You need DNS, Directory services, Kerberos and network time all from the same source if you want anything approaching reliability. --Charlie On Mon, Apr 22, 2013 at 6:17 PM, Christian Hernandez <christianh@4over.com> wrote:
Hello Jonathan,
I believe you can use the Red Hat Documentation for this.
https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Virtua...
One of the "gotchas" that I ran into is that you need to specify the Active Directory as your DNS provider in your resolv.conf file (not sure if it was coincidence or not; but I ran into some issues that went away when I did this)
HTH
Thank you,
Christian Hernandez 1225 Los Angeles Street Glendale, CA 91204 Phone: 877-782-2737 ext. 4566 Fax: 818-265-3152 christianh@4over.com <mailto:christianh@4over.com> www.4over.com <http://www.4over.com>
On Mon, Apr 22, 2013 at 2:57 PM, Jonathan Horne <jhorne@skopos.us> wrote:
Is there a write up out there for setting up ovirt users and adminstrators to authenticate into the portal via AD?
Thanks,
Jonathan
________________________________ This is a PRIVATE message. If you are not the intended recipient, please delete without copying and kindly advise us by e-mail of the mistake in delivery. NOTE: Regardless of content, this e-mail shall not operate to bind SKOPOS to any order or other contract unless pursuant to explicit written agreement or government initiative expressly permitting the use of e-mail for such purpose.
_______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
_______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Also create a different user. For instance I could not get the Administrator user to bind with my samba4 DC. Had to create a different user to bind to. On Tue, Apr 23, 2013 at 10:09 AM, Charlie <medievalist@gmail.com> wrote:
Also set your Active Directory source as your time synchronization provider. You need DNS, Directory services, Kerberos and network time all from the same source if you want anything approaching reliability.
--Charlie
On Mon, Apr 22, 2013 at 6:17 PM, Christian Hernandez <christianh@4over.com> wrote:
Hello Jonathan,
I believe you can use the Red Hat Documentation for this.
https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Virtua...
One of the "gotchas" that I ran into is that you need to specify the
Active
Directory as your DNS provider in your resolv.conf file (not sure if it was coincidence or not; but I ran into some issues that went away when I did this)
HTH
Thank you,
Christian Hernandez 1225 Los Angeles Street Glendale, CA 91204 Phone: 877-782-2737 ext. 4566 Fax: 818-265-3152 christianh@4over.com <mailto:christianh@4over.com> www.4over.com <http://www.4over.com>
On Mon, Apr 22, 2013 at 2:57 PM, Jonathan Horne <jhorne@skopos.us> wrote:
Is there a write up out there for setting up ovirt users and
adminstrators
to authenticate into the portal via AD?
Thanks,
Jonathan
________________________________ This is a PRIVATE message. If you are not the intended recipient, please delete without copying and kindly advise us by e-mail of the mistake in delivery. NOTE: Regardless of content, this e-mail shall not operate to bind SKOPOS to any order or other contract unless pursuant to explicit written agreement or government initiative expressly permitting the use of e-mail for such purpose.
_______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
_______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
_______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
-- Chris Noffsinger
--Apple-Mail=_A45E5F81-2FC0-40AB-B8A0-DCD4CC67FE70 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=iso-8859-1
Hello Jonathan, =20 I believe you can use the Red Hat Documentation for this. =20 = https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Virt= ualization/3.1/html/Evaluation_Guide/Evaluation_Guide-VDI.html#Evaluation_= Guide-Add_Active_Directory =20 One of the "gotchas" that I ran into is that you need to specify the = Active Directory as your DNS provider in your resolv.conf file (not sure = if it was coincidence or not; but I ran into some issues that went away = when I did this)
Has anyone had success doing this with 389 ? cheers --Apple-Mail=_A45E5F81-2FC0-40AB-B8A0-DCD4CC67FE70 Content-Transfer-Encoding: 7bit Content-Type: text/html; charset=iso-8859-1 <html><head><meta http-equiv="Content-Type" content="text/html charset=iso-8859-1"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; "><br><div><div><br></div><br class="Apple-interchange-newline"><blockquote type="cite"><div dir="ltr"><div><div><div>Hello Jonathan,<br><br></div>I believe you can use the Red Hat Documentation for this.<br><br><a href="https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Virtualization/3.1/html/Evaluation_Guide/Evaluation_Guide-VDI.html#Evaluation_Guide-Add_Active_Directory">https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Virtualization/3.1/html/Evaluation_Guide/Evaluation_Guide-VDI.html#Evaluation_Guide-Add_Active_Directory</a><br> <br></div>One of the "gotchas" that I ran into is that you need to specify the Active Directory as your DNS provider in your resolv.conf file (not sure if it was coincidence or not; but I ran into some issues that went away when I did this)<br></div></div></blockquote><br></div><div>Has anyone had success doing this with 389 ?</div><div><br></div><div>cheers</div><br></body></html> --Apple-Mail=_A45E5F81-2FC0-40AB-B8A0-DCD4CC67FE70--
Tom, I *believe* that you can use 389 with TLS FWIW I have successfully added an AD and IPA domain. Thank you, Christian Hernandez 1225 Los Angeles Street Glendale, CA 91204 Phone: 877-782-2737 ext. 4566 Fax: 818-265-3152 christianh@4over.com <mailto:christianh@4over.com> www.4over.com <http://www.4over.com> On Tue, Apr 23, 2013 at 7:16 AM, Tom Brown <tom@ng23.net> wrote:
Hello Jonathan,
I believe you can use the Red Hat Documentation for this.
https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Virtua...
One of the "gotchas" that I ran into is that you need to specify the Active Directory as your DNS provider in your resolv.conf file (not sure if it was coincidence or not; but I ran into some issues that went away when I did this)
Has anyone had success doing this with 389 ?
cheers
participants (6)
-
Charlie -
Chris Noffsinger -
Christian Hernandez -
Itamar Heim -
Jonathan Horne -
Tom Brown