oVirt Active Directory Integration
This is a multi-part message in MIME format. --------------BE2F433B21C005D4D522037F Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit Hi, I am trying to integrate the oVirt Engine with Active Directory to enable user logins. I installed the ovirt ldap extension and executed the setup. The process completed successfully and the profile is visible in engine log in page. Now, when I try to add the user and assign the roles, it is not allowing me to browse through the profile & the user list. Infact the "GO" button gets deactivated as shown in the screenshot. How do I set this right and get the user list? -- Thanks & Regards, Anantha Raghava eXza Technology Consulting & Services Do not print this e-mail unless required. Save Paper & trees. --------------BE2F433B21C005D4D522037F Content-Type: multipart/related; boundary="------------729026E22F8CD7AB7D015746" --------------729026E22F8CD7AB7D015746 Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: 7bit <html> <head> <meta http-equiv="content-type" content="text/html; charset=utf-8"> </head> <body bgcolor="#FFFFFF" text="#000000"> <p><font face="Liberation Serif">Hi,</font></p> <p><font face="Liberation Serif">I am trying to integrate the oVirt Engine with Active Directory to enable user logins. I installed the ovirt ldap extension and executed the setup. The process completed successfully and the profile is visible in engine log in page.</font></p> <p><font face="Liberation Serif">Now, when I try to add the user and assign the roles, it is not allowing me to browse through the profile & the user list. Infact the "GO" button gets deactivated as shown in the screenshot. <br> </font></p> <p><font face="Liberation Serif">How do I set this right and get the user list?</font></p> <p><img src="cid:part1.67EB5C4E.ABC13F1A@exzatechconsulting.com" alt=""></p> -- <div class="moz-signature"> <p style="margin-bottom: 0cm; line-height: 100%"><font face="Times New Roman, serif">Thanks & Regards,</font></p> <p style="margin-bottom: 0cm; line-height: 100%"><br> </p> <address style="line-height: 100%"><font face="Times New Roman, serif">Anantha Raghava</font></address> <address style="line-height: 100%"><font face="Times New Roman, serif">eXza Technology Consulting & Services</font></address> <br> <p style="margin-bottom: 0cm; line-height: 100%"><font color="#66cc00"><font face="Times New Roman, serif">Do not print this e-mail unless required. Save Paper & trees.</font></font></p> </div> </body> </html> --------------729026E22F8CD7AB7D015746 Content-Type: image/png; name="kkheioccmkkjcgaj.png" Content-Transfer-Encoding: base64 Content-ID: <part1.67EB5C4E.ABC13F1A@exzatechconsulting.com> Content-Disposition: inline; filename="kkheioccmkkjcgaj.png" iVBORw0KGgoAAAANSUhEUgAAAt8AAAGgCAYAAABylgtNAAAABHNCSVQICAgIfAhkiAAAIABJ REFUeF7snQd8VWXSxp/b03tvEEISCL0XAQEpigUVFkXUdbFhwbKube1ib5+uvWChCAqxgIJd ROmhhxJIL6T3cnP7N3MuFwIESSChzvg75uaUt/zPueR558w7ryr52/kOiB1BoL7BiHqrFpEh /tDAesRx2SEEhIAQEAJCQAgIASEgBFpLQN3aC+R8ISAEhIAQEAJCQAgIASEgBI6PgIjv4+P2 t1fZyFduge5vz2mLgyernrZoq5QhBISAEBACQkAICAEhAGiPBcFoNKKkpARFRUWoq6s71uln zXGb3YFGhwHuWkerwk7sdjuMVhXUOne4qxqP4GE2m6HRaJSNzeFwwGKxQKvVQq1u2ViIy2Az Qw87tc5HbzuiHtkhBISAEBACQkAICAEh0D4EdDod3NzcEBYWhujoaOVzS+2o4ruxsRHp6elI S0sDfz5XrfYEOl51Ate25tL61pws5woBISAEhIAQEAJCQAi0CYE9e/Yowrtbt27o0qVLi0T4 EeLbZrMpnu6NGzeiuroaKpUK4eHhCAwMhFZzxOlt0nApRAgIASEgBISAEBACQkAInEkErDYr ysvLlegQ1s3Z2dkYMGCA4g13RTg0159D1LTVakVGRgZ27tyJhoYGhIaGYvCgwRjQfwA6deoE g87QXBmyTwgIASEgBISAEBACQkAInFMETBYTMjMzsSFlA9auW4vi4mKsXLkSvXv3Rnx8vBJS 3Jwd2Muxyvn5+QeEd2xsLG695VZ0iOoAvV4PB/1XWVOJXbt2YdOmTSgrK2uuPNknBISAEBAC QkAICAEhIATOSgJBQUHo27cvunbtCj8fP3RN7Iq42DgMGTIE73/wPrKysrB161ZFO7OWbm4+ n8qV57uqqgp//vknampq4Ofnhw/e+eCAyzyvMA+PPPIITCYTWKTzJEHexISAEBACQkAICAEh IASEwLlCgMOxeWNRbTAY8OyzzyI6PFrpPodu33L7LWBNHRAQgFGjRima+nBT0muwkOY4FZfw fv3/XleEd3VtNeZ/MR8PPPAA6uvrwWEpLvF9eEHyuxAQAkJACAgBISAEhIAQOJsJsGZmLcya mLUxa2TWyqyZWTuzhmbBXVFRoSQuac5ZrYhvLoDd5KziJ105CZ5unmgwNmDJd0uwbNkyuFLb nc0wpW9CQAgIASEgBISAEBACQqA1BFgjs1ZmzczamTU0a2nW1Hv37m02Y6Aivvft26dMsIyM jERSlyTnBRl78csvvzR7UWsaJecKASEgBISAEBACQkAICIGzlQCn5GbNvJe0M4tu1tKsqVlb 5+bmHtFtRXyz15uNg8c5PQrbm2+9eU4tqqN0WkwICAEhIASEgBAQAkJACLSSAC9EydqZjbU0 a2o2l8ZuWpy2qKQItbXOpWQ8PT2V2Zm1xlpUVlYes1oHVJQDhYLOaZ1F/sSfmzPXeRo4V2I8 5DwHr/RoB1S01+G83kGfD5hynMqmfVyPYg7nSpCHnHfwiqN++tt2HPWqFh5o0iZm0dT+jk0L S2/+NKVOYqZycmV+rWNC13IZTa7n4vhOnqjZ6W6xNXvPj1b4foZQ0fPkehb2P1PcL34s+Alp XR+PVpnsFwJCQAgIASEgBITAQQLstfby8kJISAh8fHyUBXM4vps92KyVOVKEw0yai+PmUlg7 s4bm0BPW1Gy8ivnhpl24bCGCdcHKfo1aA7VKjfXr1h9+XrO/21Q6+Ed1QZ+OPmioLEJKanqz 51m03ujWZzACLbnYsm0HGu3OpdWVOi3+6BAXguAIb+xaswucM9FkMB0oR232Q3BkMGK7dYQn 6mCsrcTWtdkwqU2waq3N1ne0nY1wQ2SnJHjV7UVRSZmyPHtbmcrsA28fX3Qd1BUGlfWA6Kyv q0L6rq2oaqDJqvsFaZvVafWAXuOFQecnoLK4ElmpWWjQNsBO4rVFZtND5/BFnyFxtICSCtv/ 2g4j/ddars3VRVFPSOzWC/Z9G1FaWQsrms912fRalcULbnpPDBgRj+KcYuTvzUeD3QBPH090 7tsZ5em5KC8oRIOhobkqZZ8QEAJCQAgIASEgBI6LAE+WZNHt6+sLo9F4IF6bM5u4u7sra990 6NBBmUjJG4vy5ow19AUjL1A0NRsnMznctBEdbLDsO3T3Hyv/OPy8Zn/XGjwwZPRYXDd+EGrK CpB/7/2ophGBUaMmCeeueCnd6JNBb8DUqVMRXLsFe1J3UMpCTzRqabYonRCotmHQ4L4YMLov Xtz6IkzVB4W3Uml4FKbddi0GdesAq0qLmqpKEvFv4pfNW6hkHTxoQGEjMHWUyNwDDbTHgmr4 ktSzkrQ2Kz/ZauCDuIQkXHvdddi1/F1UlRQo4tsEA/njNcq17FlnT20tvNm9igBrI+o1OhjV WiqxWhGQ9SQqPen/XK6FanOZlT4HhEXipttvoqt1JGpVaCDnb0NtKX5e9AGW/b4BDWYaPVFN 3EbX5iDPvs3qDauGxLnaDr2Fcqqrqc0aE9zoh5rKKdO5E0duaSP1w5faaYMXDURs+98E8APj yiNppDP5cXCnmrgv3CeujYU/Dz4MVA7v5/rt+wWxcj09I/yAmR16Ok+v8GCPPfeT+81vDbjt Lq7cb9dx5ucaWPBnbmm/AYPxz+uvxY8fZKG6slwpw0jX8zX8TDRt20GGWrh5B2D6bdPxx9Jf sCQzF0a7A4HBgbhm+jX4/fOvsGZfHsqUdtiUu8ft4TIPEqVnoknbXW07su3EyKKCRUPXOp30 B+6lfBACQkAICAEhIATOLQLBwcHw9vZWYrRZfDf1brO3mz3f7M3mVd85UQmnE2zOWEOz+P47 02oNVSRcnHHerhM57WBLzMfPHxEd45CZm4Okjh2RFB2NlPS9JK1Izei98Z/7/o34YHes2pJG rnsDDLVmEqUk+VSeuPq6qejTtzschaUk2Mtg0zhDJw6v179TZ0THReLrLz7Bql2l+O9jT2D4 6MHQhwQhafQEzH7mFdSRS3/ClMkIdTNi8fxPEN1tMG6+9h8kwswUUVGHp2fNIu95b9xy03RE RYSi63XXwJ/SwMxdthZ9B56HKyf/A0FaM9L37ETyl3NpRKPF0POG4fpRQ5FX3QAf6leArRBv vv8pRlx2PXrFBiB5/mys2rjjQHNZ5LHUrTXX4tsvv8fuddtQ6e2Fu2Zch4H9e2JVyi40lNfg qmunY1jfJBKgFnxFfVq7NoXK8MCFl4zF8FHDUJhWiM6JkcjI3YnwgDBU5+ajPrITov00SJ77 HrSR/TBhzHAU7l6LhfN/ptcfOkyYMAE7t+xE9o5shEV1xL333UUS3UjRG4347JMPsHFHBvRu XMdVGDe0DwlvG8qLMigdzmx6gHQYNXIkhRtplTcPNrMDg4aPwk1XXECi1o7c7N2Yu2AxikvL ERIVh9tunIa8tC3o07MP3VM9dmxZg7kLk2E0779/NFA57/wLcfU/rkRQoD+uvn4aNF8uwW8b dmPU+EtwyfgLaHDSiD27tmDh53NQXn/wvjND5Z0BDcg4FMYVssKjOH4+VPvfKCT1Gopb/3nV gfs76+mnUErPlo2keP+ho3DLpLH0BgfYvXMTFi76GhXVtTQw6oC7bp0OdWM5Av0D4bDa8Mkr byCrrFDE9+FfOvldCAgBISAEhMA5RIBFd0fSsdu3b1dCTBISEpTVKqurqxUKvMo7e7B5gUkO RYkmXcgCnde/OdxaoqGbjQXgJOHHMrMpEtEBnTA4XI3kpST6wrugP4ULrMvIJK9xLJ59bCa6 dI6HvdaIsaOioHI3wF4KNOrd0GPidbhsfD8KOalDlX88Yg2xQEVms0EZavLGGtzcERkVA8uq FNx/y1TYK+wI6T0Ycb5hGN87DFv2ZCmrDe39aTVC7Yl48j83QWXVwmKk6GVNDWbecScWLUmD l85L8e66eXiQS94PEedNw4zrx8BPR15gSzgGDwpBYIAXnnxlOTx1kejUsyuijJTLkTykap8Y PPP8ADjqCbSHGTc+cB8qrr8d+yjAvlp3ECPHSxvpxtXQiKia80ASSw3FEJVoonDVQzNxZQ8P NHLUhN0dd959H8LDFuL75JXQ+wbDIyIaw8I9UFxlRBYNqBISgxHfNQHGGvI7k9C967+vQVXX SCLTiqgLRiNnRwV2rN6BgJgAeOUEwksbjfvuvhlRYf5orPUlD7oR1113PTY99Bm6JSRi+pVj YWskv7nFAe84DS4aNxHLl+yAX0QgJYpXU7dIoI8ejYn/ugqBNgr/Ia9z3IBYPBrqh1effgg5 +hAEhHfCgIRwFJsM0GnVGDakG/Zs3Il1GzNgpMEPGyedNxicIT3MutEQgn6TL8HdV/QmcU8i 2eyPESNCEEkDodcefYWGCTbU644dZ26h69zcuuK5B26B2qaFWbm/tbjrrrvxzKy5GDZiAK75 51R4Odgf7kD3EZfj3kAvfPK/55GmDYIPCfBEvzA00hcmI20XCsopd73i/W9d+NKxvhtyXAgI ASEgBISAEDhzCLD4ZrHNebt5smS/fv2UsJKvv/4agYGByuqVnNHk22+/VQQ5h6awCG9OfLdE QzcrvluCy0xhHp2TklBVXoaUTWuQ0K0HunbrDi//9dB7RaIjxWln79mMl556BQEJ3XHLvTMR RAV7kcs+tkMQHMZyPPDvO1GmTsBtN09GzzifZqf55e/djs0pOzBswHAMGDYeDY1GfPDCC9hS mIOS0koMPm8UMkoIhDulTCwuIIe7pxI6sXVTClJWrCIvKgnUbVtRXReCL77Q46rpV2P57Hfw 59Ys9L/+CWgpxGPOp58STDd07x6HsWMHITZ6C0kyMyzmasyZ8y2NhPLw/FuPIi8zG3P/70NM uOlK9OrbS1m9iMV3U/M0eOKmm2dAf6MG9Vo7TLXlWJH8LQKDQjCgTwwydq7G99+voJvqgWuv HU8idBRW/bzxQODGD8mL8VnyMnjEDcDYgYkoL87Cgw9/iCuuugSjLxyGD15+HfUWI2Y8dTct axp4INyEQy883fVQ6TyRVVSEZfMWw2qvQVZ2KgluP/h6uaPaZMPvS5ciLyMbjbYC7N5WDI2d Bj4KeRrk+Pujd68ucLNVY9Z/n0BmcTn6XDoVM6YMQrfu3ZGjzMG1I2X173jhwx8otKQ//n3T SLjTQ8iDGsXsVvz6w1J4+wXgyism4Ov33saeIjWuGH81LPUVeOqxx5BLv0+5djLGTBhNs4E7 YMvuNLqw+UexaUgLe+L9KP7bTGEt27duxPpf/6SQI7q/27dCbeiCXuSNJ5c2Pv3wIzTQ25BY +vJcNKIbwindT1qjs+1p21PwxlvvobqG7pvNEw4KfxITAkJACAgBISAEzl0CHE7iCiMpIg21 Zs0aDBw4UAmZZisvL8dff/2lhJtwqC4LbE5QcrzWvOJpQWn1FFLRoXcPEnyVGH/hYJoUZ4aX rz/C4+Kwy0hRz+py1OWmoIYEYFFuAQrrzYr41pBo1+l1qNxHkzPrSmCydkB+XjFiEgOaFd+G qjQs/OQtbOkzDNFRkbjkojG4atpI7H4jGTt25WLM+d0Q1WkX3OpzUFSei5zyany3NhUXDRtK XtkBJAYr8dP33+HHRSuUMIo6krlsDI/BefkEYcYd9x3S43BfvRLXba7LR2VpIUop9MSECpRU 5KKmsAaVFQ4S+OQ9b8ZMVhNWr92I4vR8mPU0O7a0gsI5NkKVNEw5OzGpr7K5rLy4BH4eOiU+ 3UAEMlO2QUte3TpqAbe2MmsrKmpNqGmsQVUjxdXvyYdXYACq6rV0/ODEVY4DN1aXYsnKFPzj 6ktw14N3kRBtwOb1KzH3o5+QnbEL2/MrcenVk5Wo8PraHCye8wM2rSpUYqY5/r7WneLRKdDc nLcBu0vyYVS5Y0dOGSpr6pVBE1h8O0woIkGvIu99aW45qtUUwa0+GPvOoSI8MZbj6ev3d1JH nLVaDUozN6KmOAMWVRDWZRYh3qSHvz/F5Wt5AHPk8qt8Ocdyq/QeyrwB9mdXFudh6eptmDBi MIYO7Ef3two/LV+GL36qhIbeqoT6euKO/9xxgC9QBT9fKlsR31YUZu9AfSP1kcqF3tzkPPko BISAEBACQkAInIsEtKRNWVi7jENHYmNjcd555ylhKCkpKQfEuWuld9dcu+PhddziOyYmGp06 BiOCPK1XRsaRfNPAYgtDUmIv1KzaTF5Xes0fOwS+6j/QOTYGkV4GUnfO1TQ5cD0woQvgHQ6D xoCOsRHwp07v950e0o/+l96EvhR+sXLJl/jirz8o7iYWHcnVH6DVoWBDCswTh2LoFVegPGs1 KqpqUGty4KvPPkDKT4FKXPW4iy/DkDFTsPOPLcoUQ5fxqIVfF9RWleDdD95GRZ1ZmcjIE/m2 ZHlg8JDBh/IkB2m9qZ4mijbSxMjmvaUsYlXWOmzduA4pPMGSsnJwejya0wc9rXrEtmPbOiz+ egk4RJoFt4UmYRaUm5HIYvAY1mhqRAOpXoOOJoQ2Y5zOZsV3yUjfuZYEcCO69+qDiy66BImx qRSfvgmfvvUafvBzV/p4zQ03ou+gUcjeukgR39wl34Z6WBp1MCSdh+7hy5G+rwS9O1Eojq8X ag94+MmbT28fjpZmp5lmKWl5LHR/QxP6U4hLIqoLgOEJEYhzM+GXCgM98NQfehJ5EqijsRbZ lT4I6NAJ7iHuMJWaENM5DKG2SnrlU4EyuwlfzaE49l+C6f6aMYb6N5Tv78Y3oaE3FYWVdZjz xjswmhpgoXAiLXEoLcgnbc8efjEhIASEgBAQAkJACBxKgIW3TndQh8WRI5mzm7AI5zf78fHx KCwsVLKcsOjm7WjZTlrC9rjF96BBg1BVWYJ577+MTal7SNaq8dATL6IDTfhbU/s7TRjch+5d euLjuZ8rWT/MtNGcRdSTiMvIKoW9Tyze/mgu+yVJRFHmjtL0ZsV3XkkNbrz2Yowf0F3JQsIZ xUu2p5JHuhQVZhX25hcjgdIU7kzfTaEjNYiL74fnX3lAmazHYo4zb1RUlaO4sACBMT0VJtdQ rLXf1z9i6eY0XETtuO+BB2mvG202CqMpwK2PJCse1yOMRgeckcQZpnHEUWWHMxf5QXHO6aqt tOVlZmDNhixcM6AXuvUkj60SZtGIzRs24tVXFir9OrodzIzO9R9N/HOc0iNP3UNx2UHUG0rF SHU02OxI37sH48dcgEm33aEIfm6j0WHA2oyVqKtxzdZ1ULrISqRsTEVMnx546pX/o3arUUfZ XqrSflcmISDamTDe2bvmByCH9+GGe+5D45wfsWFjOkZ36ocXXnubMJPYVjdgZ+o67KDJoHYN s3DmcW+or8W2nVm49Ly+eO2dd5TMNWq6G1VZf9KDX4AO8XF48tUnDrm/VbXVyE7bCo23Dgl9 e+PBRx+nKBq6TxozKsvy8cTj/z28WfK7EBACQkAICAEhIAQUArxADuf3LikpQUREhBLjzY7D efPmgbOgjBs3jsKSxyI5OfmA+G4u3rulOI9bfMd4UyaMnbuUhrpsw/Y96BrtB41XLR5/7mXc NmMG4gINyMnLoZjnQArBqCFPrxo7Fs3DIk09utOERkPlXlTVlkHnQ1KZMlAcbvtWrcU80sGj KBabSqKJkWYsePM7GGnWokqbjW15NfAL0IFjdNSaMuTm/YGHn3Xg2kmXUjYMEwk3Mz7+6D2k Wy1w25mC+M3dYQimtHsmSp3313dUdj2GXXA+AtSNMFFi9O+XLKJXC+U0adINuzN0qKkzQkve 7NydlGM6p1wZ6ZQX5ZLY241KCmVwinSHkgbQYaxG3s481Fe6Ai4O9iYchUh+5U5g+r/RtUOY 4rWtKsvBe+9+RDc4EJWU+jCbJgFW0CRCNvfGIuRkFKKsoB56u5HCNUpRsNNLiTMyU9/zabBR UlNIKRbraOIlhdzsK0ImTVp95MWXMGPGTZRYkVMFWvHj918js6EcuWv+QBml8Rvdv7sSvlFb VYTFi79AtUOHvHSKladJow0UJvPLyp9RZGvAdROG0fXklc9Lx6Kvl6LUEggPalMhZbPZV62i rDWU49FY4+xvxZH93bjiOwzoGk2x15UwmK1I//IDvFJFDy9ldPGmKZaZe1PxzVdfotKtyUBF X6OEHi2e/T+gaAwGdOussGBBvmzJV9izL4OGRxo8+PTzuH7KxAP395PZ7yHPWou9a9ei1jMQ V4zorXjzTQ0VlHnmRwpxonj46BIUZexGTqkZ1paNGw7ePPkkBISAEBACQkAInLUEOI0gZzAp JccuL6TDMd/8mY1/crw3n8Mecs4FzoklWiO+a0sOlduq2/7bxVGc3kmpYPKkyZg6ZSqm/XOa Mqvz74zzeLOIc1dyVWg44II+ue+PXTZRvK+XcjmLUpcpOSgoE4XdRhkwKBaDvcLe1BFOLcce XR2lvePVCznntcusVh8l7Rx7MTkRHYsqd3IlN1LJZo0nbr3ndsRH+eLT559CVnkVzCqN0g4O rdCRwOU62dgLzEKZf3pz/AutpqiyGdBAsd9WeqXA/WCPMG+cy5snIHLsst3uBoedcm/T4jW8 6iLHY5so1JpjpLntVorXUPJEW2nGJ0tHCkvR2ChvNpVv0R65qpGLG3vllbbReTabF5Vjo492 pUyz4nF2xp1ze2zEwKGmsmhjRlw3t0HPWKhKrkdtV9PkSZrkSf3h425EyNUf7jP3jN8CsOeb 3woo98JOZVHWFYeGspQQdy67kV6lmGljHsyaz23u/tqsXopQPlp/OYKdUy8qrO1ackTrUEsx VVwmPxNcLn92ZhtRbtEBY0bOO+Xk11w7+HpXX1zlcK51ptq07SpaSIg6iBqea0BHmYurP4fW Kr8JASEgBISAEBAC5yoBFtX+lHiioKBAifM+PKyE5wqyd5zDUZqmITycF2dBmf/ZfCz4cgEW UxIN/n3yxTcfcpo2yjcQxYdf2YLfWeCwNRVPTfc1Fd2u4pRzObqChCxFgCtmaTIYaE6sarVH rgxkpAwVYVFJGHPhRIzuHYHFC79AQbGDRDwJLcoH7WoHl9+0fSy+eDvYDtfSLM62OKW3mtrm zNuonMcL3vBGxgMDRejSZ96MTQcyWicPPo9zUvN/zdkRbdvPwzV10lmmsw+u9jAvl7kYcdW8 UKgrit0ZjkKL9FD/XHbgetrBQvyIujnQm8I/mpbN7eBhBBsPqI52f1l0u6y5/vICOGxOhvSB Bg4cg3/gGpLfR7Om7eRzjtYOPsZC2mU8vOLtkGs0TIj77tzfnNg/UIB8EAJCQAgIASEgBM5J ApzDmy0mJkbxarPHmx3RHPPtQWmTObSXBTlHfDS3amVroGl13ry0/JmX9aG0cBuSP0/D1wvI C0xwbJTWj8WxmBAQAkJACAgBISAEhIAQaA0BFtYsuF25vnmhHRbdvJ9jwitpXhx7xZtmRWlN +U3P1WZmUMo/xBzv9afsOpvNSnHZB8NTFI+6mBAQAkJACAgBISAEhIAQOA4CnMmNxXdGRsZx XN3yS9QBnsc957LltciZQkAICAEhIASEgBAQAkJACEBdRBkrxISAEBACQkAICAEhIASEgBBo fwJaE88cPMxee/m1Vi2icvj18rsQEAJCQAgIASEgBISAEDjXCPAEzWNZszEnoSGhqLM2e+hY 5clxISAEhIAQEAJCQAgIASFwThLw0jaZj3gUAkdV2Jk5mfCiWZ680IqYEBACQkAICAEhIASE gBAQAs0T4HW66yg/eM+4YycxOar45jXuo8PDlbzYYkJACAgBISAEhIAQEAJCQAg0T4BXjknP zW3+4GF71bu3hVOWb4Oy/IyYEBACQkAICAEhIASEgBAQAu1HQH3jDfdB7+ZBqwg2M/Oy/eo9 Z0uWZYDO2VsvHRcCQkAICAEhIASEALShbkZa9puXRncuB94eTGpNNlTXGZVlOtVqNdzdPRDk bYBOc/iM0EZaXagSJeVqJMZHQEvLtDscRuTnl8Fi90HHaD+6/tTJV16uvY4WA62tq4XRaKQl R7kv7vDx9oan1kbx8c20zWFGTlYqMnMqYXfQ9W4B6NUlDh0DvNoDtZQpBISAEBACQkAICAEh cBoTOGrMd1u0maVoSWU10rNzYbIcOvvTx92A7t2S4HaIw92ELWtWIvmPMrz63F0kvgGbtQ7L lixBNTrinlsvgf4UOeit0KKqthZpGVkwmQ8dqLi7uaNHl3i46/XQwHYAncNegR0bUvHuvN/g 4eWAh5sWtZVFWOcfjxtvvxWdgt1lYc62eNCkDCEgBISAEBACQkAInCEE2lXKNpB3OGXbDhjI 080TOEtKSlBLAjYwMBA1RhN++3P1YZgalQmeRvq/S8Kq6DcWtEYSv6cy74rJrsK6TZuhoRGB v78/3NzcFK93UFAQLFYL/lizDizQm1pjXTbee/tNdBw0AY8/9SSeeuIxPP7gNDSUF2HFpjzy hB/u+T9DnhppphAQAkJACAgBISAEhMBxEWg38W2iSZxb92YrQntvQSUefvE9vPVdKu57PRmz PlyCgNAoJUhjR1bBEaL1qD2xVWDL52/B0zeSts74YPZPzsWASPzOf/UlxPkGomtwJLY3uCG/ qgSvPnw9kvpcgsjECdjXqKHAmuN39G/fmQofHx8YDAbUF9fDvdFdqbumpgZhYWHK4GLX3t2H ND1zcwNMGh9MunogDHpy45P5hQ/Gy6/Owj/HdEZ52m+YcF43hMdfhAVffIiCnGXw8ukGT69E PPTIu6hvKMb2nctw4bRZKG9oRGX2akT2uAo5FcCfX7yDmXfMRHBEIoLDo/Dq+++jiAKIrOJL P+rjIweEgBAQAkJACAgBIXCqCbSb+OaO5efnKzHeS5f9iAsvm4zb/vsABo+/BKs2bMPa9RuQ kJCA3LyWpWVRQNXV4JHHn8TvGzZizcb12LR9M4zmWmzetA7p6bnYuGsnnnr2SUy96iYYGxwo zKrCjTNuw9adv8HbTdN8THYL78DevXsREBCAuro6uHmQ19vLXRlY8MaZtFwdAAAgAElEQVTx 37GxscjMzDyktBwKt/Hx9oVey5lkbMjNTsfWLduxY0cayirqoab48epyYP7iT3HZpRfh2qn/ xqKli7EzbSMKMnZi89YNsNho0GC2KAMVh8NOdZnoswMNxmqsJG/7d2vX4q+V3+Hr5K+xct2W 5qLOW9hDOU0ICAEhIASEgBAQAkKgvQkcvyu4BS1jr7DNRqKz0gI/kzeW7ihBJfyBwJ7Izi2C n58fqqqqW1DS/lM89BgycSI+f38+IjqG4JJrr6A46waU5ezCX5mN8Fv0NdT2GtTlVKE+144Q qyeCe0ajQuNAAiVUPBGrqKiAp6cnKisr4R7gDr27XvGCs8eb9/n6+qKSzmlq3jQR02wxK6IZ KiP++v1bbNiSjZSthRg7aSbu6+OFCHdvaGODkJWVCW9HCBKGJ8KXPPmj4q3IyaxGZJeeRzZb ZYdDX4MLpkyHPSQYMeY0jO6fgN1lDeT5hiSNPJKY7BECQkAICAEhIASEwGlBoF093yxOtVot /NzV+P27L1C/ORWq7Aw4qvagc6cYVFdXU9y0WxMQHvAKCIWbkbKbNJqV3OMOWy15eatg9NbD rgvCQ7NeRe/BPeDeUI+vnnwKRTYjit110Hp4IyAoEGGRFIIxaybCg6hcPYlvf582EaMetNqn yWRSYr1ZhPPvPu4amjBqg5+nDnUUy+5O+5paQu8gVBTnkKe7kAS4G67510y89tqDuOzy0VCT aOf+uXn5wN+LylRb4OGop4mpHDqihtWhg9WzARaPqv1F2ihoxsnk8IVLKfoFdrsdKrXEkJ8W 3ypphBAQAkJACAgBISAEjkKgXcV3TEyMEhc95cqJcJjrsGf5TyhYtxbD+3fFeUMGKWEaHTt2 bNI0HQIjOiJv7w6sXrtGEaFV+7KxbBnFOnfuiOKMfIwdMpbEd39cOn40TDlZqLdbERIdj4CQ KIwcNRr9+ybhs0/nQavmCZoaKoETBJ64JSYmory8XBHdZjMtS8Reb0p7SDIZXuQFz8nNQXzn +EMqCo4OxAVDB+K5Rymeu6CGjumRsXM9Fn/4Lmwk5G3UPm6dmoJFgiJC0UgpDFevSUVVWRmy 07IRERNKWxBKCoqRl1eMlPVrYK6sOTDxdNnyZaioqUd1URH27ClHYkK8RHyf+K2WEoSAEBAC QkAICAEh0G4E2i3sxEDTG/tSPutfVm/AgC5dsPjNRyguO10JNeH46Pz8PCVcY9zQAdQ5ly/X DbGdOuGxx6bQhMP/YObtlTB4R+HR557EdUNj6bxaPP7sTFw+cgjsWi888Oyr6KSLR+ceHVA5 aB3Gnz8SNrsH5v28FHY/krQRARTkooNfG+Dr16svfvjlR3h5eSkbZ20xUWpBh0NLwjiP8pOX YeiEwVTTwTSEal0Cpt/3ANwD38TEi4ahtsECd/9YPPzca7h+4ijsS02DR1QoAqn7Bl9/vLEk GZeO/QdeIAk96fZ7MChpAjy0DkwaYsdVEy5Bv7EXY3CvEATTaIKjyzsHaXHnyDEwkDf+cWI0 JY5zhzeTa7wN+i9FCAEhIASEgBAQAkJACJw4AVXyt/MdycnJygI4kydNxtQpU5VSd+UWojN5 rjk44niNUwPmFZchIyuHVtF0g14Rq3aYjfWUv9uGgQMGwoPisQ81vqqRNj1tlFubWqAjX6+n knyQ9/NxD/qkoU1Nwprbt/8aEt6gcI0GSiyipXr0FIph1GhIjqroiuPvB7ePQ0TKKsuRlpYG rYH6Qht79c2NRtgorrtP7z7wpD5qDwwk+Co2bjcLcg6vIU8+lWOg9rrzfkpfqLScvPR6CilR rrVRSyl6pJ4Etjf9zq0HKPyErrJQGToOH6fwlF++eAJ/5QbhmnvuRwRNJqWgHOrjwRzjStVi QkAICAEhIASEgBAQAu1OgHViem4uusaEK3Ut+HIBFicvVsKVJ1988yH1t5vnm2vhcI8OoUHw 8fJGcXkVqquqYNCpER0ZhpDgEFpE53Dh7brqYOy0U1y72nwwPtyNhCZvTuOa6BolvoRip/kH hz+TCHc/Qgzvv6SVP3gQEk7x4769umFfeQ3KKfxDQ5lcosPDKL7cj1IJMsrDo7G5Ek4xeJT+ KGErfJQHBtxgyoqi4dtHKQn50gNGedKVo3QeX+Bw1tNAQ5Jq2pF0ggOLQ6qSX4SAEBACQkAI CAEhIATajUC7im9Xq/083WhSYhgQQxtZs8uwt1sX27ZgD1owKC7KkzbnyOaU9EflhvMm3I2e ZgqpMYi3u23vsJQmBISAEBACQkAICIG2I6D35siNg3ZSxPeZLLabQ3/q+6OGt18YhaWwNff2 oLlWyz4hIASEgBAQAkJACAiBk01ApeEg44OmBGqICQEhIASEgBAQAkJACAgBIdD+BER8tz9j qUEICAEhIASEgBAQAkJACCgERHzLgyAEhIAQEAJCQAgIASEgBE4SARHfJwm0VCMEhIAQEAJC QAgIASEgBER8yzMgBISAEBACQkAICAEhIAROEgER3ycJtFQjBISAEBACQkAICAEhIATUFsuJ rfwoCIWAEBACQkAICAEhIASEgBBoGQG1zSaLtLQMlZwlBISAEBACQkAICAEhIAROjICa15wX EwJCQAgIASEgBISAEBACQqD9CUjMd/szlhqEgBAQAkJACAgBISAEhIBCQMS3PAhCQAgIASEg BISAEBACQuAkEWhf8e2wYcv6H3HT9Km44h9XYMrUKVj47bcohQEWqNqwi1aYa9Lx3CufYFuu tQ3LlaKEgItABbK3rMDdd7yPbWlVqKFn2OEowapfl+ODRethtLbvV0nugxAQAkJACAgBIXB2 ENC2XzccKCstwXdffY27Z96NHn0Go7yqDP959Bk4fGMweWRfqtpBm0r5v4N+qpVPbM79/MlO +/kM51ks2Hlznaei487zHXYzSkvL0WhxHjtYpvMMO5XuLEe5QEwItJKADZbGeqxfvxndNnRF RNwYem9kRUNdLT3X7iTEnU/c3z/PB59irtz5ZPLrJ/7kHIzy887m/C64nnOnsHd+K1z7nN+C 1nxvnLXwFWyu78nBQQN/m5zftKbfReVkMSEgBISAEBACQqCNCLSj+DajrrYK5dYk+AYlKM31 9/HALddMQV2jHiqbGTa7ESmrtqNKpUVE997oFkjeRJsJuZlbkLevmqSAHghPQPdOYajN3YWK YgtsNgd6DUxCXlYBCvNKka/TYkDvLoim8j3RAFt5GVbkp8HgF4ywxB6IdqtH+s7tMAf3Qlyw D50jnvE2enbOuWLUagf69wtBQ3UtSuj5DIxqiqAe1eX7sDk1H3X03Kp8gjG2RyfYrI3IytgJ c4MWtdUmeEWFws/TGwV7MmAKDERS7+4Ic1RiX04hcjLyUejui6GDBiJcYyJhX4LUbSloaAiB T3AgopMSEEDP7+6tW6Hy1CGjpAoa3xBc2CtO+d5kZ2xBflENCWiqPyIRveIj4WGqwPZN2ait b0RdQAAGdY1DsLsGsJZh9dotqDcHI65HIgKC/eFuysae3HK4RyQh1lMNzYFB7jl3q6XDQkAI CAEhIATajUA7im8tgoJDERtux8cfvEKfA9ApYTBGjzsfRuhAKhnL536GzRXu0DkakE6CIvS2 6Sgn7/UXn/2E0AgvGKv24fesNXjtsduxYsE8ZFpDkZgUj8DdwJdLfoFHUDjMdXWoTtuCaVP6 o4pSln/z05/oErkPGdk16DvOHVFDolFVXgdvL5ZEXu0GUgo++wmwV9gjNBaJceHY8edv6Dp1 KEw8QGSzmDH77f+hxEDi1kOH9E2bEfb0U9BrtXjn9U/RrUc8PL31+GV2FoYP6wu9qgI/birE E888A4M1F98v/RUNei8UZ6RDW5KPsRNH4ftl65G3txABYcUo3FiNfqorMCrRG3PeegLFEUPR Iy4AOVtnA9PuR0SIP76Z+zNCI71hrMjHn/kb8L9n/o2tq37BL1vzEREVjsqUFHjW98Cw4X0w d+7vKC8vhdaxBSmpuzBt+rXUJj3qK2rhH2wkz7vH2X9DpYdCQAgIASEgBE4BgXYU3xp4+fji n9MvQ0FBKUxGIx5+cj6Sl63EpOlXYWSgA799/Q2mzvkNUeT5W/jsk9i1Lw8dQzrgmn/djpgo 8s7VZmPJjCVorLbCYGxE1+EjMHzMIOQunI2omGiMvOY6hBlrUVySBzt5ChvJg96nxwBcf5Ea C+f/huJ9VRQOEIfBw8fuR+t60X8KSEuVZzwBB0nSepU7+vZJwoI3l6KwII7mLuwX3xoNLpky FarowQiy1WJh3g7k1tQiJDAcfr4dcNGECRSq4o3fvn0X3RP6YPCIUGzJnoPM3QXQNKbS86vD +BtuRFheKl596QX0GNUVm3cUom/XMZg0xQ8F5fWo0YUC2n3QqavQd8wkXH1+EHYml+DjH1bh kftuJAF9B31vKLSlOhvf37kMxTnl2LtxC8ZedTMSuibAvaQQVnU9Siry8NniNfh09osI98jE /c8ux94MI2J6BWDwoMFn/H2SDggBISAEhIAQOJ0JaNfmmKGqUsGgNrRxO6thcZBY8euKjv7x 5EezYdmSHvg2+WdsWpGGwRdEo7i4GFMvGgN3mwo+5HUbeUM1wkOsmP/9Etz8+Tt0hRGNfhPI S66H3h6C4I7+sNvt2JtbAt/OXeBFgkfv7YZo744wVe2Fl9aA7t2joFIVQkseR5WqLSd1tjEe Ke6MJaD3NeAft0zBnM8+RUKP4c5+qG0IVhtx3kWXwJ0GhCEOC2663jmXQeXuD4N7ANztOprv 4IBHsAe0Oh289A5ozbUw19fjy89m45U5X8LPpEKnznEwm0Lx5MOTce+t1+H919MQ2esCXPP4 m+jkTdHh9FwHBwdBrVEjsUsXFP+wBnqKOf/lm2TM+/J9+t40whp0GcWi16CkxozBXp5wp6+C b2gAtVWHurwC1JXm4fIJl0GnL0OdPhQXTruajoWfsfdEGi4EhIAQEAJC4EwhoA3ycUO+2g67 qq29wlqs+fUXLP5jLx68+1a4BfkSEz3cfAKhKbfCoScBER6MH2cvQ4i3B3npCtAx1he//f4b Sssrsfyn31FYnIGbHvpq/2RLJ1K1Wo0OseEoaqiDw2JDg8WC/PxMhAc4J4sdCZ5X8HTATKKD Y1gljvVIQrKntQRUiIyJgz/FXf/1x6/wS7oUVVlZeOSuf2PRl3+RCLfig2efgcahAYWJH9P0 3u64/p/XY8L0mfCg0Kn8gjyE+HsiN38fXvzfbBgMOrzzcTJWrdqA8y6PVCZ31lSUwmEPx9Zd mejRJQ5r/lxNcd1G/PDzChQUpuO2x5YiwN8Hvn5uaKipB3+9S8uqYLJWwVPng8hgX3w0ex4C glTYkldJ8esx1M4GmmehpqhyLX1bXFM/j9l8OUEICAEhIASEgBD4GwL8t7WpaaPcG7BOb/qb S473kCd6DxhB6dl24/MP34FHWDQ8G+0oplfxAyZeBu94A8ZNuQiff7AAnp5uaGy0URq3sfB2 1yGvuArzv0hGGcV8G1QWWBvrDjRCrVGhW/8obFu4CnPemwdLbQ28KJb2yklDFNFwpDUoAknd cRh6dQiVCZdHApI9rSZAIVE0kLzu6nG4/5HXUa21waHxRIAuAEuWLoVHQ43yVieRJiHo/I9R OHmkg3tS+MqeIsz/4HMYjXYE00D1qigvbP5rCwqyCxAU6Inq0np0HRgJcnbT2x8b/vzhG9Ts DUZ5dhlu+ddlyMstxLrCCsxbmIzSygLle+PhaUffQR3w/ZdLkBIRgariEiQN6o3Bo4fjpkkj 8dUnb0Djr0WGKRhXT78BDeZirN+WgZCug5HoZ5CB6jFunRwWAkJACAgBIdASAjWNh3riVAsW feJYtGiRcu3kSZMxleJW2XbRH/POMTHkASNXXCvMRn+yeXOaA3WVlUhLz6SsCmYKHVEhJDIC EbGxJA5I8FMmiDXr0ynriQ2dOnVCZLgvGik2fHtqOkzmeoRHhKGGdHdsZBiMZYXQ07UeXl5w o5ja7Kwi5BdWQkW5xHv07EYCXou0jELySHaAn5sJhYXlsKi9ER3miYw9u+EeFI2wQD8RFK24 l6frqXp6j3HyzYz6qipkl1qREBdJcdcO8kDXIzszD42GIMSH+SFzO4nlBhv8vTzgQSrZIzSK Boae9FZnHzp0CIObQY0t2zIRGxsNX28d0vbkISAwGMGBWhTklyIzp4RCSoDevXvBi57n+tp6 7NyxE3aLCd4BwYhMSIS3OguP3/wv+F7xGhIDrOga6o/OcZ1R39CAXal7YbLUIyIyHNX0venU MZxCWyzYkpqDesp24kNvmOK7JEDvboDObELKxhQKDbMgvFMSQkJDKASmhrztRQgIj4G/B2VM OfmQpUYhIASEgBAQAmckAXK3IT03F11jnCGcC75cgMXJi+Hm5oaLrrjmkD61ufhm73PzHugz kqU0+jQkQO9JTsNWnaQm2bLw2C3TkXTPN5TKMBBBkjrzJIGXaoSAEDglBGiS+xlrDuMZ23Rp eOsJ/J34vnjStYcU2FycRqtrJJ+2EisqJgROBoFGuB2oxkDJ/pxL15yMmk+HOnzhGUW5wd3M TSicDu2SNggBISAEhIAQEAItIXBC4pvzHrPodq2Z15IK5Rwh0JYEOMSJxTcHO50TpvHAg0+9 RMvb+9ALrnOkz+fEjZVOCgEhIASEwLlC4ITFN7vZxYTAqSLgCnE6Z8Q3+bs5Ftu3lXMxTtX9 kXqFgBAQAm1F4I8V7ZEcoq1a5yzn/JFtnba5bdsnpZ0eBCjdsI5SmdHLe1P7P9Q0RQ1mW+sm cJ4emKQVJ5OAmuSljhadERMCQkAICAEhIASEwNlGQMsLdhzPYjQcanKscBMW2za7Axa79Wzj Jv1pRwKcsd1qPZjRxKDVH3NGAT+L51bsdzveAClaCAgBISAEhIAQaDcCxx12YsLfv1qxO+ww 2aw0HY6X36YJmbQyJa0NIiYEWkxArXYODM1WB63QaCVvOK1aqgRdHGn8PDrz7MhA70g6skcI CAEhIASEgBA4XQhoLbRCZFsb5+12ebs1djNsNlqEhMS3xXHcWr+tmyjlneYE1DyVlxPokNbW 6rTgwZyFBnMcjtK8/D7NOyTNEwKnEYHUnanYt2/fadQiacqZSiA8PBw9uvU4U5sv7RYCp4SA loVxW5qNFr1xCe95c+cqRfNy2GxNU8S1ZZ1S1tlHoKkXm8OiEhMTMXDgQJozYIZBw29TTr7N /nT2ya9UajzrCPj6+mLyFZNPab/WbViHsWPHntI2SOVnB4Hly5eL+D47bqX04iQS0PLKO21p VoeGRLaGggBMsFrMuG36oav6tGVdUtaZR+Cxxx6DVtu6NyA2OxBBy6NbKLDERs/X3wc8tR+T +oZ63HLLLe1XgZR8RhF46aWXYKQVeVtj/KaRVyQ91WYxWxAaEgqD9lR9m041Aam/LQiYbCaY afXqU21mequekZPVvs0gH2JcVBj0lKRCTAicKIHWqaBj1KaEBlB4CQUKKNlTODxAq9Yqm8tK SkthbDCiuKQEA/r3w8ZNmxEYEABvH29s356q7MvPL6AJd1Z07hyHDSkbER/fGfzHooBek/Lx rdu2w9fHBwEB/ti0eYuyr6ioGI2NjejSJVG5Jja2o+Jxz8nJVY7v2LkLnh4eCAkJVo7369cX 5eXlqK2tQ4/u3ZR90dFR0Gg0yMjIVK7Zs2cv9Ho9Cb9w5Xivnj1RXV2NSlpmvA8tAc77wsPC YHAzIC1tj3JNZmYWVBQv0SEmWjneLSmJlv6uR2lpmXKc9wUHBcHLyxOptHR4f9qXl5dHoTl2 xHWKVY4nJiTARMt/FxYWKdds2bIVfn5+tPliy9ZtyjWFhYXE2EznxivXxHXqRJNbbVRWvnJ8 R+oOeHp5UV2BtIz4JvTv1w+lZaW0zHgDtakrUuiamJgYaqsKWVnZSj2709Io840b9SlUKbNP 797U10rqcw31vQeVsxER4RHERKew6T+gP7HKUJhFR0Up1zDL2ro6YluBfn37HDGZNzgoGPff d/+BtyHHeKSgVqnxwCMPK6FLzIgqg4kmY/IkzFNhhz/Pp6INUufpQYDfyDw/63klJKolxuc/ OevJlpx6Us4R4X1SMJ/VlRg0p8fgrYA0Q+cOce3K2kbaJr8gHZ1iOrZrPVL4uUGgXZalVEQS R5rQH5umwpuRVpAoYxG9jYQ2i+NUEon5BQWoqqzC2nXrFXGYQQJ2z969ioBnwVdWVo7CoiJF eLII20lCOpcEK4vC1WvWKmIvKzubxOMesGdp0+bNKCkpRXFxiSLOWcjv3p2G7JwcEtu1WLV6 DWpqahRhvmvXbqXMLVu3KgKeRTKLVR7Np+3Zg8ysLNTV1WPN2nWoqq5CXn4+dpBo5rbzIGAf iWAW8es3pCjif296uiJIG2iAsW79BlRUUn8L9ikDC7btqalKfysqK5XjxgbqL4n9vdTfxkaT ImDLqDwW11upvzxRNXXnTqW/VST8uR313F8SzNw+bicPYEppUFNcXIzNW7bARv3duXs39S8H Nfv7y/1W+kv7mccmEvR8filx2rjJ2V/mx+XWUflcDw80cnPzaOCyU2nHlq3b6T4UKvdjAzEy UXv37OX+ZlF/G5T+VNJ95MET9/NoxmVx+EhLtqZl8ODiVBpP9jz8eT6V7ZG6Tz0BZ/rUlj3L LRXpp75X0gIhcGYR0Nq00JHsaNfNSklwJWnEmfVgnMatVSV/O9+RnJysCMfJkyZj6pSpSnN3 5RaiM3lGdUdZzKO5+G3+49JAwttooT9JNDnuiwXzcf/Nh65nz8J3375C/GPylacxFmnaiRL4 938exKsvv3CE5/ulV1/CfffeR29IWjbR103rhvsf+S96nTcew0ecDz3lpPdQWZr1fLd3tpM3 33kTM2+feaJo5PqzhMCs52fh0YcfpTcxLVsjgScLP/3M0/RmKRwzbp5xSim89+F7p7wNpxSA VN5mBN58l/5dvK0d/11UuR9o69EW2cnLLqc31+HN9InVMr01pTeodto4F5aWdukOEdFW5Rif oyIBz2/sNc2UZDbZUVCSjtiOHZs5enDXIYvsOFoXlva3BcvB054ALzqZnpuLrjHOZ3HBlwuw OHkxOLz74kmHauE2DTtxLqDjfGydy84f6VgfPHiQkvlE7Owm8MJzs44Q3sfbY/530vk8OfOc sLfRmfmkTR/f422eXCcEhIAQEAKnIwFaZyQvPQ0bdu+iuWj090PvicF9+qJTaIjSWtYihXR8 3Y4dMFJIowEBuPiiUWhujTc7ve0Wx/fpeJPPzDaddPWycuWfStjFddPaYyKmhUIh6rAns4Fi oTtCrz22d7W8olwJn+AJfW1n1A5TPXbtqUHXLp1h0B0+IcVK4SL1SM+qV+K8DbqWec7arn3t X9Idd92D9995i9IFHjkA4zCfRlNjixph8DxaTKH8M9gigHJSuxLg8DN+a9gS07g1509ryZVy jhAQAq0moC5HdkYOMqt8MG7cFfCi719jYzY2bUqluU4D0SFQhWIKw9xW6YGR466Ev6cWDYXp 2PLXDwgeOBLRXm7Qy5+ZVmOXC1pG4Ehl1LLrjvusGJqIyBP+DhrH8Tq3BnrZY3S98HFQ0+z8 x4qEKaUv5M9mOmZSjpuUSU422se/W5q8JKqhuOwff1xBmVZolKtcb+FF7VGvnNe0u/QqyliE 9z7+Aj+u3XygDdwWbgO3RbGm7eCXVlQm1+dqh6NJO7h9LqurqcbSpT8f0g5uN7fDTBNSG+qM +N8Lr2IHxVtzWbazLHv1+HFj28zzfQCqfBACQkAICAEhcBgBm9pOoSP057nJZmkgr3deCSVh iIDBXaMc07kHoVNCF/rbRMkhjDak5xSgV49YSk5Aa0nQcY+IMASFh6KI9ttsjkPKE+hCoC0J nHTPtxtl07B6ulYhdGDD2j/w9ddf0wTJaphDk/Dic0/AQDG93yQvR2Ln7ogIrcEDDz2P+kYv 3HDvTAwa3AeZm1fhxVfnwuQIwIvvvwp/Lz1F2jgn41mtFpoAWYn6mgYs/2kp8vel0CTEDHh3 HoC777gRncP89vOzIDXlB9Q10muosROxbcsfWLhwIcpKa9AYGI/nX5gFN2rHD9//hrDgGHTv qsXMux5BrdEbV916I0aMGobivZvx5DPvUpx7IJ78v2cQEeJPa3m62mFVJiYa6434/bsfaBLp appAuReayJ64954ZSKKURf+ZMQ1vvvsGHun7CfwoexFL8LPFOIONmBAQAkJACAiB9iZgU1tB 8yEPsZoKcpNpPCkzml7xoTlVhxcCQr2U8+oLS2BRG+DjTU6z/cc5h5Y7ZV5z5Jlhsdoo/MQp kUjbiwmBNiWg3kfC8WQaZ8H4fcUfzirplU5d6k6k5VRj7P1PomhzKmr3ZsBatQ3rN61Avace k29+FxOm3I47bh2P//u/l1Bdb8HLb/+OiydeinED3XHHnS9S/K+rBw1Q1+ThmxXb0GCsQcrS BfgzR4sZL7yOWEcDVv72E4qV5e7JrFqkbqpBjwER8PUib/SedMrQkY8RJLCrMyiTyq5M2Gp3 kHBfgUq9CqMnP4fRE2/D3Xdeis8+fY8GA1Y88eJ3GDl2Ai47PxAPP/Q6Ze9wtcMIVW0+Fv20 CXXGeqT+lIwVaSbMePVd9PbV4dfvvkIRDRfiBvjCXZOHn/eUk0f87LI33363RekEu3btjcO3 G264+eyCIb05JwhcfvmUI55lfrbFhIAQaF8COiutfEzRX003zvrFYY8cqa02NyJjw1pypi3G sqVLsXtHPsym/cfZW262K9fCZlHS79o5s5bJcaA8B0WOtjCjaPt2VEo/awio9+zJOqmdGTF8 GKZeddWBOg00yaF3725I6pqEiy4YieXffqOkw/OgWN+KqhIUl9di2PlDcd7oC7D4izlobKhB XnYBoikTy8jxY7F2zRpUVrtUL31ZaGoe/59nRvh6anDzbdMRGkkjtzUAACAASURBVBmFDuFh lLO6Aub9q21yrvH6ukb4e/tCQykRDWoN5ahOQE/K5T3u/OH4dtFCSjOYTaVZSchXIye/FCMv GIFBw4dj3pyP6NtqQtrOvRSzHYchdP62bdsofeBBjz4vj05fZ6WfXu5qXE+LDQVTXHk8hd1U UJw5t8OhtiGGZmjvzcw+6yZyvP2/15uN92YeHCfL6QZ5W7nyF0oPaVXSPPLm7u6Ojz9+/8Dx k/pwSmVCoLUE6N8Z17P81VcLlZz3rmeZ92/btuHAcZmu1Vq4cr4QaBkBTgOr/BFtsnn7eNHc KhPNv6LQU/Jcd+neExeOH0fzsLrATiElnl4esFKqXhOJcEUW7N9s5PHW09odGi15xJuW2bKm yFlCoEUE1BWZ5S06sa1O4rzaq0gwHzCTD7Q2Hc0ytuNfV45A9paV+GtbOeKTOiA8oALufsGw q3lFKR94ohTB+gwYM/bgwzc+wBMvzMHIEfGU2rD2yObZ6RoqGzqKpmYhTqHjasoFqsx4JuNc 15z7Wk2x4cqUPjpXbdHTZxuuuXQIcjf/htXbyhDeMRwdwuqoHaEU7s2voHzggUoEG9Jhz8vB J29RO57/DH37RKHeUtNMO+gabgfnN+KrqR1aK68CetLD7Y9sWzvu+fjTz47q+TbTyqecQ5w3 Lf0DN3v2u8qCSiNHDsevvy47cIyPi2Bpx5skRZ8wARbYrmeZf/788/cYMmQQkpK6YP78T5Sc +a7jVhpkigkBIXByCHhQhKme3mrv3Uvhn2ZOROsBldWIuuoKCimhdLVuDkT6u9HaFjUk0p1t MtXYUJBN76VD+W/22f03+uTcBanFRcC5UCAvFujctD0SO2Hb1k0njRCPJnVHWV7cp4MPLd1K 8d7f78Ijj0xHeFAIfKp2oCEvDTUUp/XaZ4sx9fop6D8sFnc9eDd0OgOe/mY1vIPpW8Z5o0lX G1sYxe7h4YawQA80kgivd+riAwy8o70RGKjD/IXrcc991yIiqCMC6naiPjsVddEBeHvBt5g8 7R/oMyQa99x/G7x9/fH8t6vhG0pxznb6FpMnvbEl7bD7orLciqgAL5qCeXaZG+Xjbqn17Nkd L1CMfYcOMS29RM4TAqclATfymL388nPKYlNxcZ1OyzZKo4TAuUDAZvVAYnw3ZNLictt2FJAn m0JTaB0SBznmOnYMor/TBsRQWNiegnxabTobanKu2RtsCAuPpdWzg5ukTzgXaEkf25uA+6HJ 5aE11tcoK0meLOsU2wlRFAbSrFHKvdFjRiBliRUxHXoi2EeDV56cSR7xi1FLgv2Smc9B6x2O MRcPwTVTaJEeswZXvP6Nkurr848/RIcegQiJphFrC0xDS6QHRwRiW2Y+ks4/bKKj1ozLJo7D z+8UIS5+IAK9tZj77jO4+R8TUUPXjZ3+EGxuwbj6hktx/bQpNJrW4+Jn54A9ut/MnwOPEDs6 9zhKH5u2jUbZOdnFmNCj81nnB7/yistble2kb1+JjW3BYyunnAEEIiLCKXVpcwt+nAGNlyYK gbOEgN1ugBeFnvZMsqGK1rqxkItLZaZF2miA7EF/x9n0njp0T7Si2kirLtN8MLXFDd5enqBp Xs6Qk7OEhXTj1BPw0B+aalYbkhgCQ7qhxblqT7QLK//6C9kUS33nHbcpHuKhlPFjqFIov/fp gPHX3UvbwVr6jJ+AFTsmNKnWgrirb8cltDW1xDtvPfDr7r/GKZ8f+vz9/fus6PjvmzFG+W3/ +yWaiNF//IVY+vRsaPfRxMtplykbf0WBKAyceDvWTdx/Of2IP28Efqdl7Q+aCQkXX491tB00 B7pMP9j4otQLlEN3fvDq/lMaEXvLVAymF2B2exUee20pelx4K/r4nH1Tqe+8+14s/Sa5+bhv etPAcd9iQuBsICDP8tlwF6UPZyUBB79TDoWf2/7euX4e6CyFljhC4XvU42clFenUaUBA632S F37o368vTa7schp0XYWAoDBcdtkE/P7bb4i94eKT2CYVKsrKyNttwk038eTTYy8GdBIb1yZV Pfrfh47q+bbRTPIWv20Rjd4m90MKaR8CPCehpc8yx/qJCQEhIASEgBDQeqKuzShoKGOI9RhO 3JrqGso6UoVOsbFtVu/xFcTvlfQYO2bQ8V1+QldpEBQSg1lP30WlnH3Cm9FkZmZh8KCBJ0Tp aBfzneNnTUwICAEhIASEgK+vtzLPoj2N33D5+fq2ZxVS9jlEoE3n+WlUPDvYqb71FN6ha0ZY FpcUo6CgEIMGDjiHMJ97XV27bh2mTr2qTdbtVJF3kZ8nTt/oNBXUyrMmJgSEgBAQAuc6AR8/ A/QGZyaz9mRhcPNoz+Kl7HOIQLsoGJ1OR+LImXP7cJZl5RXILyjA0OGjlHR/o8aMx3MvvIQf fvwJ/sFh2L49FXfedQ+u++d05OTmomNcIr74cjHefvd99B04hFJ31eOiSybiiadmYcUfK+Hu 7Y8NG1Lwnwcewj+uvgbFJbScbLee+GzuPMz+5FN069kH5RUVuGLyVXjw4UfAolDn7o0//1qF Rx9/EpdePolSgdWgV7+BeP/DjzD/84WIS0hCwb59mHrt9bj73vuwefMWePsH4+dffsXTzzyH sRderLxqHjh0ON54820kf/UNImM60SqWmfjXjbfg1tvuxE5KqRgcFoWl332Pl155DcNHXqDE OY8YNQYvvvwqvl+2HEGhkdhJceS33XEX/vmvmyiveBaiO3bGosVf4X9vvYMBQ4bBaDRi3EWX 4KlZz+LX336Hl18QNm3ajHvvux9XT7sO+woLEd+lG+Z9vgAffDQbPfr0VzwAl10xGf999HGs Wr0GWjcvrF6zFg8/8hgunzSF8oxXokfvfvjo408wZ958JHTtjqLiYkyZOg3//s8DSEnZCA+f APz2+wo8+fQzuPDiy9DQ0ID+g8/DW++8hy8XJSMmNh7ZOTm4/oYbcfuddyE1dQcCQsKxbPkP eP7Fl/HG66/RM9D8P4acR5UnybZk4+eHS2HhrafVxlRHKfPw50x+FwIngwB/p1vyHPM5nJZQ TAgIgXYgQHrDzUPX7hsvwCMmBNqCgGrR13MdvLw7/3GYPGkypk6ZqpS7K7cQnWkhm+a813y8 EUfMXFDEZQOl8qFFXWlFqTp8Pn8u7rn5X23RTinjLCHw7AvPYhqJ/NbYOx+8jwHDLsCIC8bT wkQ6eKos0Gmcs9WblsOZXHlrL3vznTcx8/aZ7VW8lHuGEZj1/Cxcd02T2eEtaP/sT2cjMiIS M26e0YKz2++Ujz79CBeOvbD9KpCSzxkC3y3/DjNuasfnWeV+gOUfK05eZrbjvYHnj2ySZtdB aVbEzhkCpEyQTk7jrjHObFcLvlyAxcmL4ebmhmnTDtU9WrMru3wb4GGvpI6Xc6UJdVpK5cOC /q/1KQdKZmkkdm4TqGx04K1P5h0TAnu6XWEmGr2HsnIgr3ngoEWQmhPexyywDU7g78ra9Wvb oCQp4mwgwP/effQJrXZ7BtrA/gORtiftDGy5NPl0IzCE3kiLCQEh0DoCba6GdfxWRkVLh1OW irHjxh9YzYebZWnGW9665srZZzqBiydd26IuNPVi6/V6+Pj40PsUuzK4O1V26cWXnqqqpd7T kMAUCuE6HuPn+VRbT1pqW0wICAEhIARODYE2F9/sDdJTSIDJakanuM6UTI/CA0iIs9eQBbmY EGgpAY7xVpPY5vkDehq66dTaU5rlJCE+oaVNl/OEgBAQAkKgjQkcEtLRxmVLcULgZBI4bvHN GSjYeFplc2bQ6tFos0DtoDNJPBkMp97b01w7Zd/pT4AnbmpVfy+8+Xl0PZOnf4+khUJACAgB ISAEhMC5SuC4xbeBfNoclctLsh7N3MgDrnfYYaNNMdLrNocsNHE0XrLfSUBFMpo93i5jjzdl 9v5bPPw8igkBISAEhIAQEAJC4HQncNziu6Ud43zMTXMyq+3Ne8pbWp6cd/YT4NAlyeN99t9n 6aEQEAJC4JgEJGPIMRHJCWcegXYX34cjkZUJDycivwsBISAEhIAQEAJCQAicKwROSHxzKjg3 yvjNoSccgiImBE42AQ43kVjvk01d6hMCQkAICAEhIASOl8AJiW9XpSzCXQKIRfjRJmEebyPl OiHQlICGcn2LCQEhIASEgBAQAkLgTCTQJuK76aqCzjUG26TYM5GntPkkEDjaqqsnoWqpQggI ASEgBISAEBACJ0SgzVUyeyVdKxOeUMvkYiEgBISAEBACQuDcJOAXBlRXA7wo1d5UICb6SA7z FgDXTQemXQ3M++TI4+fKHqsV0HkDcZ2A9B1nf69feAV4+DHgzdeAO287I/vb5uJb8i2fkc+B NFoICAEhIASEwOlHgBbowzMvAB+83X5tq6sDvIOBRFpIbffW9qvneEo+ndvG/Tnd23c8zE/C NTJL8iRAliqEgBAQAkJACAiB4yDg7g58OhfIyj6Oi8+RSzS0DgZ7gZ989Bzp8JnfTRHfZ/49 lB4IASEgBISAEDg7Cdx2M2CxALOePzv71xa9orUxlPCLa6e2RWlSxkkgIOL7JECWKoSAEBAC QkAICIHjIDDzdiAoEJj7OcUzZ7S8gJRNwGQSo6ExFDfuA0R3Bm6cAWRmHVrG6285Q054b9oe QEWedtc2ZkLL6lv+I3ATid+kPoBvKOARAHTvBzz+tDMs42ilFBYB9z0IdO3tvMaf4tz7DAIe fRIorwBa2jaO+eY2d+7mrGnTFufv/YYcrWbgkznOc6bfeug5relLS9vHNewrBO7+DxDfHXDz A7iv4y8Ffvnt6G388Wdg+AWAJ93/wAjg8inAjp1HP/8MOtLmMd9nUN+lqUJACAgBISAEhMDp TMDLC7j/38CDjwBPPwfMmX3s1i76CrjmnwCL0v59gRHDgO00EfHjz4Dkb4AflwKDBjjLGTyQ Ju/dDzz/Mgk8Es1NJ/B1ij12XXzGzTRAqKwCulDM+OjzSXDXAxtJ/LO3ftkPwF8kMN3cDi1r fQpw8eVAWTkQEQ6MG+P08PMA4NkXgTGjgeNtW18S8127ACzCd6dRuxKP7Mf8hc59h3vLW9OX lraPB0IXXebsa2xHEt1jaXBB/f79D+DnX4F33gBm0BuOpsaDrX/eRAME8uqPHOFktHY9MSG+ V048sj9n2B4R32fYDZPmCgEhIASEgBA4pwjcSR7rV18HPv8CeIQ8xTwx8mhWVAywN9dG60F8 TmJ7KnlL2RwOp0f5uZdo3/Xk5d5GGUJ0ToHbPckpvoOCji9u+s3/Ay4kQcnx6S6rrXWKx6+X AG+9B/znnkOPXUHtYuH9+H+Bxx4GtE3k2LoNTrEZHUUe9ONsG4vqR54AWGTPop9Njb3QLHwj yZvMwraptaYvLL6P1b6GBhLLVzn7+hZxup3uDQtqto2biRt5v9kjzoI8tqNzP9/D2+92Mln+ LXDBKOd+vqczZgIfnfmZbSTsxHlL5f9CQAgIASEgBITA6UjAw4M83yTQWHw99ezft5DDKTgD x8RLDgpvvoIFH4vQeAo/4cmbS77/+3Jac/QK8uo2Fd58rTel/nuPQlrYviYB2dR4AikL4Isv ov5QyrymwpvPY688C+8TMU6/yH12ebiblrVwEWC3O/moD5OBre3Lsdo4Zz6Ql08DkWuBO2gQ 5RLefF0/CtPhSaKc0YaZuIw/8z28hkS7S3jzMZ5Y+uoLFNrje6xaT/vj4vk+7W+RNFAICAEh IASEwDlOgCdevvwa8MVi8mA/RPHVXZsH8ucq5/5rrznyOAvN62g/x2LzeZMo7KOtjD3d7E1O z3QKRxa3bAYD5SlPP7SWn/fHOU+n0Jj2sg4xwLChzn6uXgsMHXywpvkLnJ8PDzlxndGavhyr /T/94jzjaKEioyiMhI1DU1zmuodXTT64z/XJxweYMB5Y8OWRx86gPSK+z6CbJU0VAkJACAgB IXBOEmDP8kPk/b6H4rOffAb4kjyqzRl7lNk6dmju6MHQhoKC5o8fz963KazkQfLg1lOsd3NW uz/MwnUsL8/5KYG88O1pLK5ZyLL32yW+OQacY8G70+TMXj2PrL21fTmyhEP3ZP9/e/cBX1V5 /3H8e3d2QhL2hjCVpQiuClor7j2LCi6c1bpXtXVba7XuunCLVvy7ad1UC6KCMmUjG5KQkEGS mzv/z7khjBAZkcDh5PO8ei333DOe5/3Lufd3n/uc5yypeX7CaVtf0xoDXltWrKz5l/UFor7y S8vrW9emy0i+bRoYqoUAAggggAACmwhcfKH0gOn9HvuOuYBypj1orBk5rri6Zoz2C8/UJLnN c2vuzGnVMKNFzbCK3VHb006RrrzWfFExvxb8w1xQao1xrx2GYg1LqVsaoy0xM9beKpeOklo0 r3vEjc+ti06bUGm05Dsqj/ILzKB5CgIIIIAAAgggsAMCreIxWaORV5uLEmO1CZx5nnrFZcq8 5TYFb7pNVWbMdDOzrCpYrbUFaxJ7zzHTEpqBHiqeNkPB9u23OGL6rNkyo7FV0Sxbpeu3cZke ayv1i5gx5QXrl22x4S8syBr9ssyIdBXfe5eCQ9ZfvFhSlljbbXpzW5khHHG/X6s22W92i5ZK sraZ/KOC5t9bK9tVNzOri7l0st76Z5sx00lmxpXif72t4O8OV0szi4jHjLvOP/IIReu0tSFt 2Vb9sk3CbbV17YD+qjrBXFy5tVInhkXTZ6k6d8uEvdnc+bIubS0tr1DFDsZra4e3Xmtp4uGR ubagkUujJd8ReVVUEWzk6rN7BBBAAAEEEHCaQMv1HaZrK6sVCWzMJYpPPlkpjz2pJDMf9bo2 bRPNro5EN+Qb7n32UavPv5TXJJtFh5rp+jYtZhx2zltvJ5YUDRig0vU5iiscSyTfsVB4h/OW 9ILCxP6Ks3NVVSfnyXnL9NCvL5vlQwfsrzaffCqvmb2laMjQDevU94/tqZvLfGmwkm/rS0rd vCt83HHqaJJv95tvqyopVZ4lS1UxeJAKMs20inXq25C2bLN+BxyoNmY6Qa8Zo110+O/qa+IW y2pj6DbTQhYN3mSsulnTbb4otTTxtUpFA+K1xcHqLMgxuesenXz7zReHrs07b6udvI4AAggg gAACCGwm4HbVzMLRKaeD4jlmGMcmJW6Nr/7j5cp9zcwFbUpaUtqGfMN1sRkC8uTTyjDJbff/ TVH0pI0X7fnuv0u+hYsU79BJuWdeoFxrGMb6Yh3Dn5+vvORcxdOsvvHtK/4e5qYx4/+rTu// R6Ghx2yYzcM9baoC/3gssROX6WneNB9yXXKN4k8/p4xPP1PPl95Q+BozfeIms464p/6oePPm iretmfFkm3Wz5jM3xefxbZl3nTZS8ZtuVdbnXygtwyTc1npnn7/lemZ5Q9pi7W+r9bvsWsWf f0HpX45Xz8efU/hmM7vLpnOemy8OnvFfKG5+iYjtY25MZIrrIjPN4BNPqdn7HyjlvEsVPWRo Yrk1243/7j/IU1bzy0JuWo6ydnKeaeWuJvtu9NJoPd8u863Vsyta0OhEHAABBBBAAAEEdqVA 7SWKVh4Rr5NLxM+5UPGHHpBrac3FfG65NuYbLdsq/NRo+c7/vQLnnqnYoAOkjp3kmjldrtmz zBSAGYqYhNfjswZDbCyxo4+X55XRSjpgX8UHH6B4IEnxnr0V/cM1W2127JIrzd03X5T3uX/K M+FrxfuaG9yYIbfur75U1Mwn7h73vlwV6zbPh9KyFHntbflOOUY+M9Wgd/Sziu9r5swOh+Wa N0eu+XMVHvelYm1rLhrddt3W/0xgarpF3hVIUeyk0+R58Vl5XzPTMJrZV+InnbHlembbBrXF 2m5rdqmZCr/5vmnr0fI99Fd5Xx6teJ9+UnMzFn5NoVxTf5CruEiRZ19RdB9jYJXW7RV56Al5 Lz1fgeOOUGzIYYq3ai33d5PkWr3KuJ4jz5hXzLAkd73t2GrAtvGiy5oPfheUOhM87oIjcggE EEAAAQQQQKChAmYMdfR6c8fLXyhWshn6bKJix58s16IFcr9rLjgsLVH07PMUmvCDYgPNLdzr lMj9Dyl6nrkoMFQt91iTnJs7abo/GVd3tS2ex/O6K/TV94odc4IZy7JG7g/ekauwQJH7H1bk yee3WL92gfWlIDRpuqIXX2Hm+fYlknT3hK/MbeZTFL3xNsX23jgTSUPrtuFYZ569oR6xYaZ3 PjOr3no1tC3bql+83wCFv51REzMrif72mxqnRQsVNw6RJ55T9OjNx4NHh49UeOxHiu23v9yT Jsgz7gPFu/VQ6POJiS9Fe3pxvfbm8/GPPvpIwWBQp55yqrkZlJmaxpTZS1cpr0MH+RRuWBsj AVUH60yv07A9sRUCCCCAAAIIIIAAAo0qEEgyPd/e6gYdI2wy5gVLl6pXh5qZW8b8a4zGvj3W jLJJ0vDhwzfbJz3fDSJmIwQQQAABBBBAAAEEdlyA5HvHzdgCAQQQQAABBBBAAIEGCZB8N4iN jRBAAAEEEEAAAQQQ2HEBku8dN2MLBBBAAAEEEEAAAQQaJNBoUw02qDYN2Ci8eKLu+OuTWhix ppiXDhs2TId0CejfX03WsedcoM456Vud8DDijSrmimnmDz+rrGytDjposJli3ZRoSDM/eVVv TynSiRePUuq8L/Wfb6Zq6KU3qXtakgK7ZjaaBoiwCQI7ScCcFy5XscaMGa8lS9bpmhtGmgm9 zLUoO7D7kC+syoqQJn41RX369FSrli3MJSnm9CpdrrHPPaoZ/sG65MJhmjX2GZXm9tJ+Rw9T 5zh9AjtAzKp7uEB46bd69J+v6oBL7lXb8EK9/cxj2v/qh9WjXYZyaqZvbmAL44pGlmrM6+O1 dHlEt91+nD76cLymr87WiNN/q+wUV+JcpCCAwK4X2OM/5aIlyzR/xmQddfpwXX7jjdrnwAPV s1snnT7czO/pT9Umd6WtVzfmjqkyUqW773tAc+YvVqj2rqIxc5vZhdM05rU3NWXeWhUvm6tJ E77Uqipzty0mcanXkoXOErD+zF2uKs2aNUcTJ06XudGcYjvYxKgnpqkzp+nFl19XYdG6DTft jQfLNWvS53ri2TH6Ob9ai2Z8q2mzZ2utuaU0BYGmJBArXaFvvvi3FhZUqrgoX5O++EAL1pSp 6ld/zsTNHQ9LNWP6ND0/+k2VFy7SwoWz9NWUBSoPRnfBDbSbUhRpKwI7JrAjnVg7tudduHbc ZNjhUJXcnqCaN2+mRZ++pXtf+0wn3TNafzzxcmWnpmt+QVBXXDxEnvgiXf23KUpO9qt/v956 +O6RevzhO/TDxB+0ZNlyZXXuoVMP6b+htzwpLU2TpyxUXoskuaIeZZdW6e/P/lPj3ntPoVBI 555/uo46fqhOOvEq9d1rLxXM+lLlgbZq0bW/IvM/USitvc7682Masb9X3734lIY/OVsBd0gn H3e4rrjuSmWmpyhjF1pxKAQaKrDpvQfiwVW6/YpRmjRtrgrdbTXyjod01VC/nrj1z7r/U5Nk R6s06qILdP1F++rxe2/WlCnLdU1FXKNffVpdkjfWID0nRxMmzlVASUozt3jOLK7S2Vderjlz 5shv5vJ97Jl7FY4Gdf55d6pnu0wVLJquqpaD1bZFlsrnmDu2DThDN//9dg2K/aC/3fuCnhmf L2+4WDfffL2OPfU4Zfg8Zs8UBOwtYH5jUmXcq+j6X1QD8UrNMXdIvPbmm7Rmxc8qLSvViCcn 6Kwhacr/+FUd/+fPzQ0RXRrQq71uvOcK5XTI0Jk9zlSrDnkqqIjqjufuUp8BnZQTkpK9a9Wp ZbH+76OFWhcyt2OPR+UNrtbfLv+jvv5+hgrVUmfc8oAuzVuj359yhqr7nq3V8yarTaZX2V32 1cyZM9WxY0fd8+At6tSlrUbf83e9Y82DHQtp3wuf0gWjhqm3/1d/U7B3gKgdAjtZYI/v+bY8 1paW6aXX39Pjj7yokoKKBFHM9FxXV1crZN7Q4t5kvf/Ra/rd7w7TZx9/rcMO6K3LR52pNp06 q6A0qLsefEI99+qr80aeqwMHmrtTbVL22StPRUtmasXaoKpNirBmTYlSU9J02WWXaXDfbpo5 Y4ZWWq9F09Sn/8F6+aVnlZOVq3Zd++jjjz9Qvx5d9e2EmZpnJva/4+6HdeyJx+r0M0/Vf/7z sb6a8BO9D5tp82RPEchfuljt27TSeRdebBLhVvpp6nKVLV6jT/77vU455gCNHHm2iteVKexN N18yb9EAc1OLO2+/Xr46w7VOOuJA/fTDBBVWxMy54NGiRSuUl5en80cMV7aZb/XbH2eqSily +XJ16eVX6767btP8+cs07PjT9PRTj6h45XLNm1umKeM+0TffT9WZZ5+uo485SnfecZdmz1tl 7oxHQWDPEwhF3Zo+fa7ckUqdNeIinXDGSBWuWKT8uUv0tLlF98FDD9GI889WSUmJ3nn3Q1Wt iypoPusGHXSA3vvgVe3dpYOS1/+KWx1LUZ9Bx2qm+aUpXLo6gVGwfLkZAtZS5190iTqaW5jP nrZcleGQYubL6uEnna5HHrlfsYpi9Rp0mF4e87K5DXulfvpxkr768jO9YO5WeNzpI3XUScP1 8mMPa9bUwsTnGOfanvd3Ro13n4Ajku+s3JY699obdP/9N6tT89TNNKtMv1e7Hv0UMItbtWmn P1x5m4b1zdVb/3xQS1eVaW00VaXKSiToXo9HOaabzLPJl/gO2X4d1D1bYz/9XuuUqnXr1ik/ v0CrVq1SerRI1VXrtDqYpIpwrjrlHaCMFHPzqIwc0/O9j9WXoVR3RBVlQc2YvShxu6L0JHOM Zs104YUXqnmb1gr+qjF9u+8PhyM3bYHK8rVaW7Bcq9aUKhyJq6KiQoEWebryT3cqpWSuvvr3 OOWXhhPnVqU7UzFPklK9bjU358emZUD7FHVrHtDEWSsUkl+FhYXm/MpXeXGBUiNrVFAeUWE4 Re5AZ+W0aK+2Ocly+5qreee9zS9IQfliYRUVVWn67AXyZ/twQwAAIABJREFUmP0H3HF17dJF N9x4gwLmVyvTmU5BYI8TiHkCOuTQwTr79GP1/Jj3NHl+gdzBUhUXFmvtukplpfiU5PXquOOO 0/4DD1E0GFDYl6XmHTorKd181gW8ylx/f7yKWJY8OYP1m565mvvtfxIWVtKeX1CglYUlifO3 ypy/66LmF6skv9I69VVGpl+tk0PK7Xmwqt1htdFKhdYu1+zpk1XuzlaFN1cpbXrpmusuVqss t8wolh0ekrbHBYUKI7ATBRyRfFseLpMwp/jcSvdv2aR08yHsdrtVvWaxPnnpEa1N7a6/PjNa 3vJlmvHtTEWrvMo1P775Va4ys69NP6/XKU3dDzpalWZceYtoibnwbJLG/XeChh5/tjLMz+AR j7l4LBo13/o3+d5vfg5MSja/rQcCG0LVp09feUxW37lzBw3ar48mTZqk7NYmqeA38Z3458yu GkMgSUEzNKrM/O4TTlxwaZ0jkyZM0Ndff639jxumpGaZSjbjwQsXTNPYl55W36NH6pLLL9SM 8R/q5zlr5A9HE+dXyGxvbbtpWWNe6T14iLxL5inTVaQJE97R19MWaeBhR8hnvgnHzQGjkdoL MdZv6TVDSazzyyQftWXgwIEK+H0aMmSwsnOyNG7cOGW3STM95nUOyFMEbCaQ2rq1XJEyVc77 TsvWerXY3U17ZVVq5v/G69uZS/TcE/dp2L6dzK+338md0lzZ2VlKS0/XiScerp9//lkVoTVK yYqYz0CXUsx5YQ1Hqa8cedRR5vNraeKlWZO/0bdffaqDTjxKydnNlGTO33id88z6vMpK9pjP 1Zq9Wedq+wNOVWtfiQ4b0E775WXqvY+/UVqrXHPM+o7IMgQQ+CWBPX7Mt8vrV2p6pnzmjcI6 /623HbcvSSlmnLfXvCOkp6cqYL7NWyXQooV+O+xQHfunx+Q2F3YdOLCvfnPAAUo1vdHNzQf2 c8++pKQO/XX6oQMT6/sCKQqYN7PcFik6bMghWlZeqv0HD9T4L6frhJNO0XGD4nL5WypYVaWs zDR5TfIvt1epqeaY5ue7uMuj5JRU84YYULv+A/Two4/ryBvukt8k7Ldcf7VZL4k3rYQ0xbYC ZuaRlOQkzTIXTQ7o39+kz17tNWio7rngMCWZc+yiSy9Rbm4/pZhzI9dc5zB40CBdff1fzCwK YZ3z+zPUpXMXrVlapnWla01v9F165a1XzSBUc566zbmRliGPL6COnZqrX5+9lWzO03NOOEsf fniDbrz5VnXNjZqe8AL1MUl2hrk2wm22cZvzPXGumfPd5fIrPc2ca16X+h96tAbPXKWzzjpP 6SZZeO31V+QxveDWl3IKAnYWcJtfbi8xwxjPufsuMywrrFtuvE7tW+Qofb9BGj/2fY0860zT cePRKXe8o6798nTNrbdp6KhH9eKLL+qkow831y71Nb3XIdNbnS6fb/OPdJcZypWSnCJPkk+B Nu01cNBgrUhJ0lEmEZ/875fM0JUL1Lr1AMm/TpFYqtIym5nPJ7OVx2c+V7MSn1XWL8KJc9VM YDD4QPMecOFIXXPFJabn3aVRj36VOMd+Id+3Mzt1Q2C3Crhee/P5+EcffaRgMKhTTzlVZ51+ VqJCs5euUl6HDokP0QaVSEDVwV3zyRcxF1yWV8eVHnCbhLumttWRmKrMkI6AWVZZGTH/7zVv FjXTpJWZi1DC4ZrxHl7TixYIuGRdTFZdbcadRmNqlmI+5Nd/aleEYoqY7jdrnWpzDJcrbi4E c5uf2Wt6GqxeBqvHwW8uOKkyB/T7vYkOOevfycleM/a8Zr/W61ZPQtRcURO0fqMzJSXFm3jT 2tg/3iBpNkKgUQWsd4B1VWZKzk2mDqo9b6zzwPpVyRrxaSUIPpP41p5HVqWs88FaZn4cMsvN L0TmRMtJ3ZggFJtz00oYzKaJ163z1TqfrHPW43EnjukzX2TdJpEOh2vOPetwVaY+yaZXLmJO 4+rqiPkiW7NP69gRc+4nfgkz55e1dI/vYWjU6LJzOwhYv5tWmL9b6++39rwx+bLc5vOo3Ppc MitY50VqwHxemXMlaK1vzj2rBMwCr0mErXMrGIwlniebc6T209daa535zLG+vNaenz6zvsc8 as7fmjWt883ncyU+n6zjWD8iF5ljpJtzy2Pqsc7Uw28+05LN6kEznsv6bLRKmnmdz7AEBcUB AgFzrZG85qegBpSwyZgXLF2qXh1aJ7Ye868xGvv2WCUlJWn48OGb7dERn0sek8Gmm3cE8560 ofhNFu5Z37rM9R/Mtb+MpVgd4SYp2KyYNxRfkrWGO9GDXluSzTtQ7TAUr0nAa9/Save56T58 5sO+tqSbN6lEMTvzW++E64vVYxfYJPnYNV9PNhyefyCwwwLWeZVuEt36Sr3nwfrzaNP1zXdc BcyX2rol05wztQO2/JscY8v9mvNmk4sxautjfdG1xr7WFq9J3s3A7w3PNz2X6x6b5wjYSSDJ fGZZj9pifTZYCXF6invDOVL7qvUXv8U5YpJzXz3nqbVNmvl1t7bUfM7VPNtiH2axtY/a41iv 19YjbZN6+M2vvIlfek3hM2wDLf9AYLsFHJF8Wyd/3YbUt6xWpe66W9Oy3l74AN+aEK85XaAx z4Et03Gna9I+BLYU2NrnVX3nyK76DNv0OJvWozHfE7bUYQkCzhMgr3ReTGkRAggggAACCCCA gE0FSL5tGhiqhQACCCCAAAIIIOA8AZJv58WUFiGAAAIIIIAAAgjYVIDk26aBoVoIIIAAAggg gAACzhMg+XZeTGkRAggggAACCCCAgE0FduSi6R1qQrXZc5m7fIe2YWUEEEAAAQQQQAABBHaH QIY3bZfMW99oybdHUWWlpOwOO46JAAIIIIAAAggggMAOCZhbIe7Q+g1dudGSb69q7r7V0Iqx HQIIIIAAAggggAACThNgzLfTIkp7EEAAAQQQQAABBGwrQPJt29BQMQQQQAABBBBAAAGnCZB8 Oy2itAcBBBBAAAEEEEDAtgIk37YNDRVDAAEEEEAAAQQQcJoAybfTIkp7EEAAAQQQQAABBGwr QPJt29BQMQQQQAABBBBAAAGnCZB8Oy2itAcBBBBAAAEEEEDAtgIk37YNDRVDAAEEEEAAAQQQ cJoAybfTIkp7EEAAAQQQQAABBGwrQPJt29BQMQQQQAABBBBAAAGnCZB8Oy2itAcBBBBAAAEE EEDAtgIk37YNDRVDAAEEEEAAAQQQcJoAybfTIkp7EEAAAQQQQAABBGwrQPJt29BQMQQQQAAB BBBAAAGnCZB8Oy2itAcBBBBAAAEEEEDAtgIk37YNDRVDAAEEEEAAAQQQcJoAybfTIkp7EEAA AQQQQAABBGwrQPJt29BQMQQQQAABBBBAAAGnCZB8Oy2itAcBBBBAAAEEEEDAtgIk37YNDRVD AAEEEEAAAQQQcJoAybfTIkp7EEAAAQQQQAABBGwrQPJt29BQMQQQQAABBBBAAAGnCZB8Oy2i tAcBBBBAAAEEEEDAtgIk37YNDRVDAAEEEEAAAQQQcJoAybfTIkp7EEAAAQQQQAABBGwrQPJt 29BQMQQQQAABBBBAAAGnCZB8Oy2itAcBBBBAAAEEEEDAtgIk37YNDRVDAAEEEEAAAQQQcJoA ybfTIkp7EEAAAQQQQAABBGwrQPJt29BQMQQQQAABBBBAAAGnCZB8Oy2itAcBBBBAAAEEEEDA tgIk37YNDRVDAAEEEEAAAQQQcJoAybfTIkp7EEAAAQQQQAABBGwrQPJt29BQMQQQQAABBBBA AAGnCZB8Oy2itAcBBBBAAAEEEEDAtgIk37YNDRVDAAEEEEAAAQQQcJoAybfTIkp7EEAAAQQQ QAABBGwrQPJt29BQMQQQQAABBBBAAAGnCZB8Oy2itAcBBBBAAAEEEEDAtgIk37YNDRVDAAEE EEAAAQQQcJoAybfTIkp7EEAAAQQQQAABBGwrQPJt29BQMQQQQAABBBBAAAGnCZB8Oy2itAcB BBBAAAEEEEDAtgIk37YNDRVDAAEEEEAAAQQQcJoAybfTIkp7EEAAAQQQQAABBGwrQPJt29BQ MQQQQAABBBBAAAGnCZB8Oy2itAcBBBBAAAEEEEDAtgIk37YNDRVDAAEEEEAAAQQQcJoAybfT Ikp7EEAAAQQQQAABBGwrQPJt29BQMQQQQAABBBBAAAGnCZB8Oy2itAcBBBBAAAEEEEDAtgIk 37YNDRVDAAEEEEAAAQQQcJoAybfTIkp7EEAAAQQQQAABBGwrQPJt29BQMQQQQAABBBBAAAGn CZB8Oy2itAcBBBBAAAEEEEDAtgIk37YNDRVDAAEEEEAAAQQQcJoAybfTIkp7EEAAAQQQQAAB BGwrQPJt29BQMQQQQAABBBBAAAGnCZB8Oy2itAcBBBBAAAEEEEDAtgIk37YNDRVDAAEEEEAA AQQQcJoAybfTIkp7EEAAAQQQQAABBGwrQPJt29BQMQQQQAABBBBAAAGnCZB8Oy2itAcBBBBA AAEEEEDAtgIk37YNDRVDAAEEEEAAAQQQcJoAybfTIkp7EEAAAQQQQAABBGwrQPJt29BQMQQQ QAABBBBAAAGnCZB8Oy2itAcBBBBAAAEEEEDAtgIk37YNDRVDAAEEEEAAAQQQcJoAybfTIkp7 EEAAAQQQQAABBGwrQPJt29BQMQQQQAABBBBAAAGnCZB8Oy2itAcBBBBAAAEEEEDAtgIk37YN DRVDAAEEEEAAAQQQcJoAybfTIkp7EEAAAQQQQAABBGwrQPJt29BQMQQQQAABBBBAAAGnCZB8 Oy2itAcBBBBAAAEEEEDAtgIk37YNDRVDAAEEEEAAAQQQcJoAybfTIkp7EEAAAQQQQAABBGwr QPJt29BQMQQQQAABBBBAAAGnCZB8Oy2itAcBBBBAAAEEEEDAtgIk37YNDRVDAAEEEEAAAQQQ cJoAybfTIkp7EEAAAQQQQAABBGwrQPJt29BQMQQQQAABBBBAAAGnCZB8Oy2itAcBBBBAAAEE EEDAtgIk37YNDRVDAAEEEEAAAQQQcJoAybfTIkp7EEAAAQQQQAABBGwrQPJt29BQMQQQQAAB BBBAAAGnCZB8Oy2itAcBBBBAAAEEEEDAtgIk37YNDRVDAAEEEEAAAQQQcJoAybfTIkp7EEAA AQQQQAABBGwrQPJt29BQMQQQQAABBBBAAAGnCZB8Oy2itAcBBBBAAAEEEEDAtgIk37YNDRVD AAEEEEAAAQQQcJoAybfTIkp7EEAAAQQQQAABBGwrQPJt29BQMQQQQAABBBBAAAGnCZB8Oy2i tAcBBBBAAAEEEEDAtgIk37YNDRVDAAEEEEAAAQQQcJoAybfTIkp7EEAAAQQQQAABBGwrQPJt 29BQMQQQQAABBBBAAAGnCZB8Oy2itAcBBBBAAAEEEEDAtgIk37YNDRVDAAEEEEAAAQQQcJoA ybfTIkp7EEAAAQQQQAABBGwrQPJt29BQMQQQQAABBBBAAAGnCZB8Oy2itAcBBBBAAAEEEEDA tgIk37YNDRVDAAEEEEAAAQQQcJoAybfTIkp7EEAAAQQQQAABBGwrQPJt29BQMQQQQAABBBBA AAGnCZB8Oy2itAcBBBBAAAEEEEDAtgIk37YNDRVDAAEEEEAAAQQQcJoAybfTIkp7EEAAAQQQ QAABBGwrQPJt29BQMQQQQAABBBBAAAGnCZB8Oy2itAcBBBBAAAEEEEDAtgIk37YNDRVDAAEE EEAAAQQQcJoAybfTIkp7EEAAAQQQQAABBGwrQPJt29BQMQQQQAABBBBAAAGnCZB8Oy2itAcB BBBAAAEEEEDAtgIk37YNDRVDAAEEEEAAAQQQcJoAybfTIkp7EEAAAQQQQAABBGwrQPJt29BQ MQQQQAABBBBAAAGnCZB8Oy2itAcBBBBAAAEEEEDAtgIk37YNDRVDAAEEEEAAAQQQcJoAybfT Ikp7EEAAAQQQQAABBGwrQPJt29BQMQQQQAABBBBAAAGnCZB8Oy2itAcBBBBAAAEEEEDAtgIk 37YNDRVDAAEEEEAAAQQQcJoAybfTIkp7EEAAAQQQQAABBGwrQPJt29BQMQQQQAABBBBAAAGn CZB8Oy2itAcBBBBAAAEEEEDAtgIk37YNDRVDAAEEEEAAAQQQcJoAybfTIkp7EEAAAQQQQAAB BGwrQPJt29BQMQQQQAABBBBAAAGnCZB8Oy2itAcBBBBAAAEEEEDAtgIk37YNDRVDAAEEEEAA AQQQcJoAybfTIkp7EEAAAQQQQAABBGwrQPJt29BQMQQQQAABBBBAAAGnCZB8Oy2itAcBBBBA AAEEEEDAtgIk37YNDRVDAAEEEEAAAQQQcJoAybfTIkp7EEAAAQQQQAABBGwrQPJt29BQMQQQ QAABBBBAAAGnCZB8Oy2itAcBBBBAAAEEEEDAtgIk37YNDRVDAAEEEEAAAQQQcJoAybfTIkp7 EEAAAQQQQAABBGwrQPJt29BQMQQQQAABBBBAAAGnCZB8Oy2itAcBBBBAAAEEEEDAtgIk37YN DRVDAAEEEEAAAQQQcJoAybfTIkp7EEAAAQQQQAABBGwrQPJt29BQMQQQQAABBBBAAAGnCZB8 Oy2itAcBBBBAAAEEEEDAtgIk37YNDRVDAAEEEEAAAQQQcJoAybfTIkp7EEAAAQQQQAABBGwr QPJt29BQMQQQQAABBBBAAAGnCZB8Oy2itAcBBBBAAAEEEEDAtgIk37YNDRVDAAEEEEAAAQQQ cJoAybfTIkp7EEAAAQQQQAABBGwrQPJt29BQMQQQQAABBBBAAAGnCZB8Oy2itAcBBBBAAAEE EEDAtgIk37YNDRVDAAEEEEAAAQQQcJoAybfTIkp7EEAAAQQQQAABBGwrQPJt29BQMQQQQAAB BBBAAAGnCZB8Oy2itAcBBBBAAAEEEEDAtgIk37YNDRVDAAEEEEAAAQQQcJoAybfTIkp7EEAA AQQQQAABBGwrQPJt29BQMQQQQAABBBBAAAGnCZB8Oy2itAcBBBBAAAEEEEDAtgIk37YNDRVD AAEEEEAAAQQQcJoAybfTIkp7EEAAAQQQQAABBGwrQPJt29BQMQQQQAABBBBAAAGnCZB8Oy2i tAcBBBBAAAEEEEDAtgIk37YNDRVDAAEEEEAAAQQQcJoAybfTIkp7EEAAAQQQQAABBGwrQPJt 29BQMQQQQAABBBBAAAGnCZB8Oy2itAcBBBBAAAEEEEDAtgIk37YNDRVDAAEEEEAAAQQQcJoA ybfTIkp7EEAAAQQQQAABBGwrQPJt29BQMQQQQAABBBBAAAGnCZB8Oy2itAcBBBBAAAEEEEDA tgIk37YNDRVDAAEEEEAAAQQQcJoAybfTIkp7EEAAAQQQQAABBGwrQPJt29BQMQQQQAABBBBA AAGnCZB8Oy2itAcBBBBAAAEEEEDAtgIk37YNDRVDAAEEEEAAAQQQcJoAybfTIkp7EEAAAQQQ QAABBGwrQPJt29BQMQQQQAABBBBAAAGnCXgbs0GlZaWNuXv2jQACCCCAAAIIIIDAThHIzMjc KfvZ1k4aNfkuXFO4rePzOgIIIIAAAggggAACu13AEcl3Xpe83Q5JBRBAAAEEEEAAAQQQsIsA Y77tEgnqgQACCCCAAAIIIOB4gUZMvuMGzzzirg2IcfPvmGoe1qtblpptrPUat8RMzWKKmLrU X49tHX1jPeNmHxQEEEAAAQQQQAABBLZHoBHHfIdUsDpfkyfOVcRdrZg7olA4S63at9FeA/so 0x2W1yTAm5dqrV5VqBX5Ut+9O8nnjW5PGxqwTpnmLViqRZXp+k3vzkrbYYWw1pWt1eRpRTpg cF8F/JEG1IFNEEAAAQQQQAABBJqaQCP2fFdpxYKZevM/k1RlcmiXy/QyR1bqvTdG67sp8xWr m3cn5Ku0dO4Mvffp96reZt4dVPXaRbr7H2+pqHLHsud4MKz/e/4l/Wvsh1q8qkiV8u1g3K3j +eTzhOV219uQHdwfqyOAAAIIIIAAAgg0BYEdy1p3SCQknyumnE69deQxJygzKapoZJncoaDm zFmuQwd0krZI/UOmNzyi6nr6xLc8dEThikJ98MlknT1yuHJStlzjl5aEfl6iiqISZXTP0ILl +Wrbrq1SXOFfWr2e5W6lZWTroAOzzWsk3/UAsQgBBBBAAAEEEECgHoEt0t961tlpi1xmfLTX 60v0giu+Rksmv6dDDh2h3ww9V8+/+IUi0ajKA7WHK1FFwY/63ZGjNOSwEXruhc9UFvIpqKSa FUwS/+zT/9TaVYt0yw23a1lRuZbP/VnnH3eyTh36O11/w936dk1U4c3GZEcUj1fpyU+Xq+2+ v9N5g2KaPHmKloStYSNBrf55gW4ddblOGXK4Rpx4pj5fXKmyaEiLvvxQ/Q8/SYOPOEN33vOK SkuLlL9gkk679DHlr6tW0aKvdfwJF+uIYefopsvP0GPPPKOvZy/XsKMv0Y033KOTfjdAo+4Z rZ/iSVq5bLoeeuJxTV5Zlhj/TkEAAQQQQAABBBBoOgKNm3zHYypcuUz/++pL/Xf8Zxr3+Qwt XL5WA/t2UKx8nW677T49+tTDev21xzVz0qdaVVikcKwmuY5VVOqhv9ytex64Sy+//JiWLZil 6fMWml7x9cWfpIsuvkQtW7fTAw/cqawUl5558VVdePVNGjPufXXL66xvvvjG9LZvekllWBWF izXui0915AnHKq9nf+WvLFT+ijLFY1FN/WGy9ttvPzNU5t+67pYbNeenGYoHKzXmzVf0+EOP 6d2xb6hLry4qXptvOu1rxsWEyqv0ygtv6qrr/qh/vf28unRuq4rympsLlVVFzHFO0TOjn9fK xUtUVS61ad9Vl11+qbq2yWnw5Z5N58+TliKAAAIIIIAAAs4SaNTkOzGvSUVxIgGfPXOyrrvr A+190Ck6uG9brVm+TsnJndSySys1z/Vp7xYhzVtUpapwTkI4WlypctM7/H+fvKvX3zC9zYt/ 1M/561RSxz8kvxmoYoaMlC3QuniqkvL2kTc5rs4dW8lbVKpYold7fYlXaNKnb2pVdbmeHfO6 nn/1Qy38aZG+fPt/ZlC6W9179lJ+QYEeffIR/ffHb3Xgvn3kTXJp6AmH693X3tNzz7ykYIpb zVrmmBHfNcNU8leVqKoiVR3NhZvu1IAG9MtTRkrNGHJXeiu175antGSvcrwBpYasepg6yqNm dfrk6zSLpwgggAACCCCAAAIOFGjEMd/WLIMeterWRyefeYaSXBVq5XlJ0z59VZ363KQWgZgC 4WKVxtxKibsVDLsUyIiosiy4gdnn86m/GQLSIhBVy8OHKrlzd6XVGwS3XN4U05MclSdqTf5X rnC0WpWeLJNUezZsUVkU08RvVuuvd96qZsluZZpLLQ/aO1/PP/mUZpx9kDr13FdHDW+j0nUz NHfSN3rurU/1l1En6qDDz5WnY76Ca4o048NxWto6pNRm/sR+k3ym/h5reEtcIfOIRiKKmuEz VvH5PEpKMt9vEkk3BQEEEEAAAQQQQKCpCzRqz7fJfE2vtNukpC75A8ka9vvjVVq4Qv8eP1HJ LZorVFmumbMXafWKlSosKFL7Dq3NJtHESGhf8+bKbdlSwYhXHcwFkV++/4FWLVtuLsXcpJix 46HqoNk2qNT0THk9Hk37YbbpiS7X4nnzlJYVkNckx7XlmwnfmecZOmi/fmYqw7201979NPC3 B2lgr/b69Kvv9M8X39N/Pv9ReV07q13LbK1ZW6a1q9fo2gsuVczrVa/uXZRhhqeEglUKu2v2 26J1a3nMMSZ+M1XlpWX64auvVFW18QvEln9gZoZxM9VLw+YX33JvLEEAAQQQQAABBBDYcwQa MfnOlDujjfq2z5TV+WuV5IxmOmXEuSr5caZKqmO67YXR+t+TD+revz2l7iOuVbu01uqYnKa9 22UokJyiKx58UPNe+4fuv/EWxfsfrL49Opje6trENk2B1gN0/tBW+mj0PZq8JlXXX3OaFn// mK668mlF/C10/DH7yuTjppiEN7pOZXGvfnPapcoy+0ir7Y42rw8dfoqWLlmkk47ZT9HS/+qP lz+i//tvie65/DR17JCuq/40Si889GfdeMetWrPfAerWf4iyXNnaLy9Hqal+Db/2D1r8xTg9 ev2fVVjeXjktuiktLVUH9mqpTI9PEV9z9clrrebmm0PB6jl6+V9vaHphJRdc7jnnCTVFAAEE EEAAAQR2ioDrtTefj3/00UcKBoM69ZRTddbpZyV2PHvpKuV16LBhbPOOH83MLGINBIkF5DFT DrrMQ6YfPG6GmETjfnncIfOqWWYusAyZru5q80hLJNa125h5SkwvuGImeTU93FVmTHaqGVZi 9aNvVmLWYBOp0u1RstnemqpQsTRFzf7MSBYFzKs197GMKGaSb+vhNTf82VisMSExM1AlLdHW JOuSzlhqou7V5kuDNzHxoTW+OylxR8wqM147xSTuHrNNxLo4tKpU0yZ+ppzeQ9Q8J0fvvz5W VUl+HXf6iWrmNnsx7fa4QsbBb/bpNsdeZ7b2m736zRGtPVIQQAABBBBAAAEE9mSBsMkiFyxd ql7WKA5TxvxrjMa+PdYMP07S8OHDN2taI4759iYSy80TXbPMLPS6rOTX6g43D5MIW6Ona0ZQ 11SnZpvE1ub1uPlvXOlWol5fMa9bndvpVtKdGJRibRNJLNs42tva0Cu32aU7cexNS82Ra7a3 jmkSanfN0JeaeVc27qmmHhvrbtUz7o2rIn+1Hnz7TjP8JFmtU9tq+IVnJIbAeF21vfRe82XD qr/1SFrf3rr1qFMtniKAAAIIIIAAAgg4TqARk2/HWdXbIFcgTQefeYH2Pcm63NKk+B6vGd/u N18ytjbuu95dsRABBBBAAAEEEEDA4QIk3zshwG5zMWaqeVAQQAABBBBAAAEEENiaQCNecLm1 w/IaAggggAACCCCAAAJNT4Dku+nFnBYjgAACCCBb7/M1AAAVT0lEQVSAAAII7CYBku/dBM9h EUAAAQQQQAABBJqeAMl304s5LUYAAQQQQAABBBDYTQKNepXgT7N/2k3N4rBOE8hulq1WrVo5 rVm0BwEEEEAAAQSamECjJt8ff/ax9t9//yZGSnO3JvDhhx9u7eV6X3O73Tr4wINJvuvVYSEC CCCAAAII7EkCjZp8BwIB7bvPvuZGO416mD3Ju8nX9csvvtSIc0bskMOjTzy6Q+uzMgIIIIAA AgggYFeBRs2KXeZ2ln5PzR0k7QpAvXatgNfMh24NHwnHwtt14CRvzX1Gt2tlVkIAAQQQQAAB BGwuwAWXNg8Q1UMAAQQQQAABBBBwjgDJt3NiSUsQQAABBBBAAAEEbC7QqMNObN52qrebBGKx mEKh0HYdPeANbNd6rIQAAggggAACCOwJArs/+Y64VO32qMpclJmpoFxxwxZ1qdLjVcjlUZZZ tuPFbBM3Y82jKZKnWnGXFIoEFDb9/BHzqH+fQUVjAUViyfJ7q+WSVRFKYwjE43FZCfh2FcKw XUyshAACCCCAAAJ7hsDuHXZikrCPX3lVf7/vAQWjNclYuKpKz917n8a++bbC5nWTQZtHTPG4 2/zLephM2jw32XXif2GzLFK7zMqyzXqh6mr9/a8PqHv3Xtpv/4M0yDz2HzhId9zxgNaWVW22 vbWttY/q4Do99LeH9crr/1Esah23Zv/W8azXKQgggAACCCCAAAII/FqB3d7znV6tROpcZvLb Fub/3SbntZZVmOdl5oWSWZP08WdTTAKcraNOP0GtW+cqI75WP3zzg6Z8N035yc104QUj1Cxc pElfT9OqFWsUdhWqUik6/5aHdM15h5kZV6IqWv61rv7TWH07fZk6H9xCK5cu17h3PlWRL0Un jzhPnT3l8pikvkxe89+QKkuK9ebL76jEnaTDTj1d+7RK/bXWbF+PwFNPPbvF0rZt2+j444/Z YjkLEEAAAQQQQACBPV3Atl26AXeZ6W9eqbvufEfNsjqqbM1PevKZ501aLK1e+JNef/M9rQpk auF/v9Bnr4xWZVW+Hnv6ZU38qUitWqQp3V2l1A191m4Fq1urIuaR/KYXPRLSa08/q5kl1fKW FemFW69R0EyLWOk1r1slVqU3HnlQXy9fp8LVK/XB44+oQj4zAGa3f1fZ0//etqh/Wlqqbrnl 9g2P22+/Uzk52VusxwIEEEAAAQQQQMAJArbNJr0ua9x1uabNXKM/33WETjtzfy2tSlPUDEVZ PXeWfCnpGnb2udr76MN0zfV/0JEn9FB1IE2nnDtcv+lerLnTXtBtN1yr++64zOwnqma+VJ19 /U3q3z/PdKcv1JKFi3TRcw+qc3WhzjjkQC268njTY271wZtSVqwvPvxAZ74xXYObhXXryBEq qowqO8W2XHvU36J1sWVpaWmizscee5QqKip08823J55PmPCFWrZsseH1zNTMPaptVBYBBBBA AAEEENiawG7PJt1p6xQqrlaVNV7b/M9ca6nSFLf87mz51V0vP3uqfn/iPgpVRHT8X57RWSOH qTrk0wcvj9ab//eevOaCzb17ddfa1dZ474B8/pomuZMyddMDj5phJ/tp/Adjdf8TX+uow49S K/N6+bwyhap88qe45PV41LlNtiqiPtNP7quxMvuZvyhfVx11oDymXgGXXytWrFB2t45bs+S1 7RSIm/H0m15wecYZp6qoqFiHHTZEzZvnbvaatS4FAQQQQAABBBBwisDuTb5NT3N6pw4qmPSj QgUr5WqVo9KKSi0vd+vA3FaqWLVI+UG3JsycpkU/ztGpf35Kp50zTMlZyTp31PkaftUtiqyt 0NKl89W8ZZrcLuvizLrFpyFHn6SJU5bpqSee0DV/vkXderRWIFkqX7lGayKVmpcfVE6q1yT7 6++66Her78Deuvyxd9Q2u5lmTJmuXnkdzZhwSmMJXHbZqMbaNftFAAEEEEAAAQRsI7B7k2/D 0G6vnurS6Ts9+acb5fcFVBXxqEXXIerTK0/e6tW6/+HnzMwn4+RaW6ITjjlBplNc2Xt3Vdm4 Sbru0uu0prhC5557ovr3M/OWuOq7ZXmSAqa3+5LzBuu6m/+lZ1/4TH+7up/2G9JPd1xqjukP 6NQ/3KtOOSlKljUTiikmET/1vDN10x9uVlp6mvbaq58O/N0B8tQOS7FN+KgIAggggAACCCCA wJ4ksNuT78xmHXTRqD9q1ep8RSJRecz83i1bt1dWRsCMQsnW6CceUeW6dYlLHVt17qpktxkc kttLf7z+WhWuKTGDElzK69pZPm9Yj/21o3JbJMnta6Ozzj1XMTNTic+aPsX0WbfsdIgefLiv qq35v10ZOvXcSzVwSH5iqEte1zz5fCFdMOIiuTwpZihKQEecfKE69V1h9h9X27btTNIf2ZPi auu6xsy0ktVmOsjtKow62S4mVkIAAQQQQACBPUNgtyffVmKckZGZeGxZPOrUoX2dxSYbc/nU vEWLxGNj8apDOzOWJFF8ys7J2Ww7l0nEW7VptWFZSmqGevfO2GSdgHJzNt5N0etPMa932+R1 ssDNQH/FE+sLjXWjHQoCCCCAAAIIINDUBGw71WBTCwTtRQABBBBAAAEEEHC+gA16vp2PTAs3 F7BmOolEGMbD3wUCCCCAAAIIND0Bku+mF/Pd3uKMtAwFOmwc4rO1Crnc6+de39pKvIYAAggg gAACCOwhAiTfe0ignFLNgsIC3XzbzTvUHLeb0VE7BMbKCCCAAAIIIGBbgUZNvlOSU/TSqy/Z tvFUbNcL9Nm7T4MOmpWV1aDt2AgBBBBAAAEEELCTQKMm3yPOHmGntlIXBBBAAAEEEEAAAQR2 qwC/5+9Wfg6OAAIIIIAAAggg0JQESL6bUrRpKwIIIIAAAggggMBuFSD53q38HBwBBBBAAAEE EECgKQmQfDelaNNWBBBAAAEEEEAAgd0qQPK9W/k5OAIIIIAAAggggEBTEiD5bkrRpq0IIIAA AggggAACu1WA5Hu38nNwBBBAAAEEEEAAgaYkQPLdlKJNWxFAAAEEEEAAAQR2qwDJ927l5+AI IIAAAggggAACTUmA5LspRZu2IoAAAggggAACCOxWAZLv3crPwRFAAAEEEEAAAQSakoD3lxob i8VVUVkpj6K/tArLEUAAAQQQQAABBBBo8gJRhWXlzttTfjH5zkjPUHlV9fbsg3UQQAABBBBA AAEEEGjCAhFZufP2lF9MvtvmbN8OtucgrIMAAggggAACCCCAgPMFYtts4i8m325te+Nt7p0V EEAAAQQQQAABBBBAYIMAF1zyx4AAAggggAACCCCAwC4SIPneRdAcBgEEEEAAAQQQQACBXxx2 Ag0CCCCAAAIIIIBA0xFYvGxxoze2U/tOWxxjVxx3i4M2YEGHdh3kdv36fmuS7wbgswkCCCCA AAIIIOAkgTnz56htp97ymNnyvI00y3RpSaXee/u/OuGUIRvops3/WV07dpW/kY65s2JUVlql ce9O0LEn/eZX75Lk+1cTsgMEEEAAAQQQQGDPFgiFQ/J7/XKb+Ta8rsZpi8cTVlVlcLOdh8Nh +X0++VyNdNCd1BSPJ6LKOnVv6K5Jvhsqx3YIIIAAAggggICDBPwRKWRu8RJqpDbF65lIL6Bq +eIhc9xAIx115+y2vro3dM8k3w2VYzsEEEAAAQQQQMDRAnF5tU7FJUE989zLWr5quTwujw7/ 7eEacvQRpovcraKJ32ja6pXa7+QT1VpVikci+vLTSVq1Nqhhxx2l7KSGJdUu8xUgUrJcD784 RstXrFJqWpqOPfE09eu3r1IayTwejWrOV19olc+tvQ89VC3Cv358d31VbZy91nckliGAAAII IIAAAgjsMQIuxVVWsFh3336TSkvLdMHI83XC8Sfo3Xff07/ef1dVrpgK583Wd5P+pxJPTC5P lb777gu9NeZV9eidp5gZTrJpCYXCise37xbsZQUr9eQ9t6p9pzYaftEIde/fW/c//JhmmjHi 27eHBjDHYlo67QdNmzlVJd7Nj2LVfWcVer53liT7QQABBBBAAAEEnCRgxlrM/mGi3DnNddKN 16lPUrrc7nK1SJ2mi+8aq74HH1PT2qgZOhKp0NKFxbrh2gd039h31aN1K6XWuYiyvsQ7qCQz 8CSgTUd8+32z9MkXn2pCsK8eHXK6WjRLUf8uzbRg6gxN/WayDuyarKgZIlMWSlOlqUHU41Xn ZiUKmeHk0aokBWMeReMuVQWS1Cw5qBR3mSqLA6Yv3aUyT0qiNz5gxpj7oitlrqM0+8iQOyvZ fHmoaY41Dj1uEnFp/QLzr/rq3tBQk3w3VI7tEEAAAQQQQAABBwtEzBCSJfMWqU2btmqWliqZ hFcmge3as5dSYl+bxHylepjUWQpr2vQpun/U7Xr0kX8or10rmesTG1wi1RH9vHCxOnY7SGnp 5rimpKTk6K4771QoapLk6mW6/7Y79MEPSxSwkmRPst587wG9+sJbGv/JVPlTQlqzcoUOPuka 3XTFcfrssw91y19fVUZmqnKzOur6my5Vr56d9f4bH2j0q6+rNBTVyaOu1JmnnaRYYn+Ne/En yXeD/zTYEAEEEEAAAQQQcK5ANBpXQaVbGc1TlV6bj1rzXKdnmuHeboWWLVPIV6KZs77XpEfM vzPzlB9O0+BfecWmy4zwSPWkak1mlkwHdqKEQ80S/+83j1g4og7mC8Bzppe9ecV8nXfCsfp2 8RKtjvrlb7uvnn3wSC36+mNdNXqWhh+5j957+lld/fgbGrRXG+WP/0T+QIEWrynUnS9+oVdH P6e04FQde8kY7bfvobK+cKjOcJmaGuy8/5J87zxL9oQAAggggAACCDhGwGPy7Bx/SCvKylVm OoRzrZaZodB+kxzHAz75W2UrVmhmR4lm6vRzrlGHFXP04h1/UM5L76pvq0yl1zO7SV0cf9gv n1lv047yuMmwKyLrFFu71mTaZgsz+sPnL1bY9HpbPd9paT71bN9Kl19wkdLCJpEuKq/ZrdcM P+nWRSmpWfKlZZshMiVatGSVSmMB7d2puTL8Seo09Bi5/fma/eN4LZo9TZde9AczBKVcS+aW aG3+mrrVa5TnJN+NwspOEUAAAQQQQACBPUugOhhXdfXGCwtd5uLIrt27aPLkZcovrlCbQMD0 eFdrxneTVFFVqd79uyn4hdSn714aOOi3GhBro58mfq5773pIT9x/u3yezQd9J4Z01CmemFvh qs2PmxGIqYtJor//eoGKi0vkyUxROFKsB/7+kkKxXI0a0kr33nGPHnx2nDpnu3XG8WbmlfXF 5/fJHY6anN2aUyRmEvEMuXzJ8pn0PhwMqTLkMkNmguamPlHldemkV156Q5kpPpWZPnWXGeM+ ZULNjqqjIQWNR22pr+51mrLdT5ntZLupWBEBBBBAAAEEEGhCAmaISfd+g+UuLda7992rH374 QR9/NkmPvzBNp40crvQWZjaTYJYZBW66ppMqVZ7cQife8Be1WP61/v36aOU3cPhJWfVeGtTv YPUp+0Qvv/qYxs+arFdfmaCvv1mgA397pNaWlcm6G9CStT/riacfV0FBgdxlbvlML3rdslev bHVt59KL/3hRU8Z/rxtvulGPjvmfot2O15AeGfr+3y/p+8/e0u/PvUxFFY071ru2bp5TTjvh L/Pnz0+Mcendu7f67NWnbr15jgACCCCAAAIIIOBggfzCfOVktlU0urF32kpFU1JTdOCQI7To 56Wa+O1ELV2yVEcdeZSOOHJYzYwh1WaukuxcM9yjh1Jjplc5kK4WuW20eEWheppx2elJGxPi UCikpUuXqk+/vA2SBavLlJ2dvdlxrRfTszLVf9/+mjpzgaZPmaaKigqdf9556t+vtzqYCzqL zTQlP06drbyOnbXvwMHqkNdD2Rk5atuytUm2c8xsKF65/Lnap39PDd6vvz7/30wtnDdHvXv1 1LHHHqvM1DQN7NNP//lsvH5etkoXXnqVOrZtJm8kpPTWbdW+fUczW8vGPmqr7svMGPe9+nbd rr+CmbNm6qfZP8lrhsL07dt3s20Sw078fr/pWg8mrvCMmS53tzWYnoIAAggggAACCCDQZAXi pk87aE3DZzq4L7zwws0drBEZkagy9hmsttYriV7umtHMg4cepcFDfx1b1ExBmNxmgK68akCd HUVV7W2hkVfe9osHsL4/NG+fo1Fnrl8la4Duur3Ofswg8+S2ebrh9vs220/Gbw5Td2uJNYlL A4uVS9cOU0lNrZmtZdNdJbLslJSaewVVBatqrvJs4MHYDAEEEEAAAQQQQACBpixgjSaxcmqr WB3cdUviK0pubq5Wr16tefPmJcbNtGvbru56PEcAAQQQQAABBBBwqEDAH9C6ijKFQr9igu5t 2JSVr1V6xuY9wf6AuYF9Ix93G9XarpfLykvMLe6Tt2tdK5e2cmqrtG/ffottEsl327ZtNXfu XP3888+av2C+2prJ1F3mzj8UBBBAAAEEEEAAAecL9DBjpieZWUwauxx74m82O0T33q13yXF3 RruOPPaAbe7GuhOmlUtbOXXAzA7TuXPnLbZJJN/WeJQ2bdpoyZIlev/D9zVo8CClJm05RmWL rVmAAAIIIIAAAggg4AiB/Qftv1vasbuO2xiNrayuTOTS1pjvLl26JHLsuiUx5tvq5bYyc2sF 6yrUu++5u+56PEcAAQQQQAABBBBAAIGtCFg5tJVLZ2RkqFu3bvWOJNkwrUmzZs0SCbg1JYo1 TuVPf/mTyswYnJ05qfhW6spLCCCAAAIIIIAAAgjscQJWrmzlzFbubOXQ1nCTvffeWzk5OfW2 JTHPt/WK1fttZenWWJXy8nLl5+dr6tSp8vq8Skoy072kJJvbdDIFYb2KLEQAAQQQQAABBBBo UgKRaESr81fruynf6dnnntWCBQsSs5v06tUrce8cq0O7vuJ67c3nN94706xhTSK+fPnyROZu TWhuJdw9evRQp06dFPAF6tsHyxBAAAEEEEAAAQQQaFIC1eFqLV68ODFpidX7bXVi9+nTR127 dpXPZyZH/4WyRfJtrWftoKSkJHGl5ooVKxQOh39hcxYjgAACCCCAAAIIINB0BaxhJtbFld27 d0/crXNbI0Xq7Q+3NrI2th49e/ZM9IQXFhaqtLS06crScgQQQAABBBBAAAEEjIA1vMS6SWWH Dh0SPd21N6zcHpx6k+9NN7RmQLGGnViPplasnwzqmyKmqTnQXgQQQAABBBBAAIGdI8AVlDvH kb0ggAACCCCAAAIIILBNAZLvbRKxAgIIIIAAAggggAACO0fg/wFW1yfEC6lb8gAAAABJRU5E rkJggg== --------------729026E22F8CD7AB7D015746-- --------------BE2F433B21C005D4D522037F--
On 09/28/2016 05:25 AM, Anantha Raghava wrote:
Hi,
I am trying to integrate the oVirt Engine with Active Directory to enable user logins. I installed the ovirt ldap extension and executed the setup. The process completed successfully and the profile is visible in engine log in page.
Most probably it wasn't successful, because as you can see in screenshot there is no 'namespace', you should see there something, if configuration is correct. Can you please send output of the following command? $ ovirt-engine-extensions-tool --log-level=FINEST --log-file=/tmp/aaa.log aaa search --extension-name=domain-authz There should be some ERROR or WARN. Thanks.
Now, when I try to add the user and assign the roles, it is not allowing me to browse through the profile & the user list. Infact the "GO" button gets deactivated as shown in the screenshot.
How do I set this right and get the user list?
--
Thanks & Regards,
Anantha Raghava
eXza Technology Consulting & Services
Do not print this e-mail unless required. Save Paper & trees.
_______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Hello Ondra Please find the attached file. I have also attached the setup log file. I find the errors & warnings there too. But I am unable to figure out what really went wrong. One more thing, while setting aaa-ldap extension, since it threw error on user DN, did not properly recognise, I used "anonymous", also did not perform the Login Test. Are these the root cause? -- Thanks & Regards, Anantha Raghava eXza Technology Consulting & Services Do not print this e-mail unless required. Save Paper & trees. On Wednesday 28 September 2016 12:18 PM, Ondra Machacek wrote:
On 09/28/2016 05:25 AM, Anantha Raghava wrote:
Hi,
I am trying to integrate the oVirt Engine with Active Directory to enable user logins. I installed the ovirt ldap extension and executed the setup. The process completed successfully and the profile is visible in engine log in page.
Most probably it wasn't successful, because as you can see in screenshot there is no 'namespace', you should see there something, if configuration is correct.
Can you please send output of the following command?
$ ovirt-engine-extensions-tool --log-level=FINEST --log-file=/tmp/aaa.log aaa search --extension-name=domain-authz
There should be some ERROR or WARN.
Thanks.
Now, when I try to add the user and assign the roles, it is not allowing me to browse through the profile & the user list. Infact the "GO" button gets deactivated as shown in the screenshot.
How do I set this right and get the user list?
--
Thanks & Regards,
Anantha Raghava
eXza Technology Consulting & Services
Do not print this e-mail unless required. Save Paper & trees.
_______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
----- Anantha Raghava <raghav@exzatechconsulting.com> wrote:
Hello Ondra
Please find the attached file. I have also attached the setup log file. I find the errors & warnings there too. But I am unable to figure out what really went wrong.
One more thing, while setting aaa-ldap extension, since it threw error on user DN, did not properly recognise, I used "anonymous", also did not perform the Login Test. Are these the root cause?
Yes, it is root cause. Active directory usually has anonymous bind disabled. You can enter UPN instead of DN, if you want. In your case it will be something like vdiadmin@rvce.in. Please note that AD usually use CN attribute in DN, not uid attribute, that may be the problem in your DN.
--
Thanks & Regards,
Anantha Raghava
eXza Technology Consulting & Services
Do not print this e-mail unless required. Save Paper & trees.
On Wednesday 28 September 2016 12:18 PM, Ondra Machacek wrote:
On 09/28/2016 05:25 AM, Anantha Raghava wrote:
Hi,
I am trying to integrate the oVirt Engine with Active Directory to enable user logins. I installed the ovirt ldap extension and executed the setup. The process completed successfully and the profile is visible in engine log in page.
Most probably it wasn't successful, because as you can see in screenshot there is no 'namespace', you should see there something, if configuration is correct.
Can you please send output of the following command?
$ ovirt-engine-extensions-tool --log-level=FINEST --log-file=/tmp/aaa.log aaa search --extension-name=domain-authz
There should be some ERROR or WARN.
Thanks.
Now, when I try to add the user and assign the roles, it is not allowing me to browse through the profile & the user list. Infact the "GO" button gets deactivated as shown in the screenshot.
How do I set this right and get the user list?
--
Thanks & Regards,
Anantha Raghava
eXza Technology Consulting & Services
Do not print this e-mail unless required. Save Paper & trees.
_______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
This is a multi-part message in MIME format. --------------876ED9474170EFDFF2C93EAC Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit Thanks for quick response Ondra. Before I make another attempt to properly configure, can I re-execute the ovirt aaa ldap setup again without disturbing the current setup? Will that help me to correct the problem? -- Thanks & Regards, Anantha Raghava eXza Technology Consulting & Services Do not print this e-mail unless required. Save Paper & trees. On Wednesday 28 September 2016 01:23 PM, Ondra Machacek wrote:
----- Anantha Raghava <raghav@exzatechconsulting.com> wrote:
Hello Ondra
Please find the attached file. I have also attached the setup log file. I find the errors & warnings there too. But I am unable to figure out what really went wrong.
One more thing, while setting aaa-ldap extension, since it threw error on user DN, did not properly recognise, I used "anonymous", also did not perform the Login Test. Are these the root cause? Yes, it is root cause. Active directory usually has anonymous bind disabled. You can enter UPN instead of DN, if you want. In your case it will be something like vdiadmin@rvce.in. Please note that AD usually use CN attribute in DN, not uid attribute, that may be the problem in your DN. --
Thanks & Regards,
Anantha Raghava
eXza Technology Consulting & Services
Do not print this e-mail unless required. Save Paper & trees.
On Wednesday 28 September 2016 12:18 PM, Ondra Machacek wrote:
On 09/28/2016 05:25 AM, Anantha Raghava wrote:
Hi,
I am trying to integrate the oVirt Engine with Active Directory to enable user logins. I installed the ovirt ldap extension and executed the setup. The process completed successfully and the profile is visible in engine log in page. Most probably it wasn't successful, because as you can see in screenshot there is no 'namespace', you should see there something, if configuration is correct.
Can you please send output of the following command?
$ ovirt-engine-extensions-tool --log-level=FINEST --log-file=/tmp/aaa.log aaa search --extension-name=domain-authz
There should be some ERROR or WARN.
Thanks.
Now, when I try to add the user and assign the roles, it is not allowing me to browse through the profile & the user list. Infact the "GO" button gets deactivated as shown in the screenshot.
How do I set this right and get the user list?
--
Thanks & Regards,
Anantha Raghava
eXza Technology Consulting & Services
Do not print this e-mail unless required. Save Paper & trees.
_______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
--------------876ED9474170EFDFF2C93EAC Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: 7bit <html> <head> <meta content="text/html; charset=utf-8" http-equiv="Content-Type"> </head> <body bgcolor="#FFFFFF" text="#000000"> <p><font face="Liberation Serif">Thanks for quick response Ondra.</font></p> <p><font face="Liberation Serif">Before I make another attempt to properly configure, can I re-execute the ovirt aaa ldap setup again without disturbing the current setup? Will that help me to correct the problem?</font><br> </p> <div class="moz-signature"> <meta http-equiv="content-type" content="text/html; charset=utf-8"> <title></title> <meta name="generator" content="LibreOffice 5.0.3.2 (Linux)"> <meta name="created" content="00:00:00"> <meta name="changedby" content="Anantha Raghava"> <meta name="changed" content="2016-01-05T17:20:50.677541300"> <meta name="created" content="00:00:00"> <meta name="changedby" content="Anantha Raghava"> <meta name="changed" content="2015-12-20T09:03:26.251763811"> <meta name="created" content="2015-02-21T00:00:00"> <meta name="changedby" content="Anantha Raghava"> <meta name="changed" content="2015-12-20T09:02:11.666821134"> <style type="text/css"> @page { margin: 2cm } p { margin-bottom: 0.25cm; color: #000000; line-height: 120% } address { color: #000000 } a:link { so-language: zxx } </style> <p>-- </p> <p style="margin-bottom: 0cm; line-height: 100%"><font face="Times New Roman, serif">Thanks & Regards,</font></p> <p style="margin-bottom: 0cm; line-height: 100%"><br> </p> <address style="line-height: 100%"><font face="Times New Roman, serif">Anantha Raghava</font></address> <address style="line-height: 100%"><font face="Times New Roman, serif">eXza Technology Consulting & Services</font></address> <br> <p style="margin-bottom: 0cm; line-height: 100%"><font color="#66cc00"><font face="Times New Roman, serif">Do not print this e-mail unless required. Save Paper & trees.</font></font></p> </div> <div class="moz-cite-prefix">On Wednesday 28 September 2016 01:23 PM, Ondra Machacek wrote:<br> </div> <blockquote cite="mid:542985227.69761.1475049229101.JavaMail.zimbra@redhat.com" type="cite"> <pre wrap=""> ----- Anantha Raghava <a class="moz-txt-link-rfc2396E" href="mailto:raghav@exzatechconsulting.com"><raghav@exzatechconsulting.com></a> wrote: </pre> <blockquote type="cite"> <pre wrap="">Hello Ondra Please find the attached file. I have also attached the setup log file. I find the errors & warnings there too. But I am unable to figure out what really went wrong. One more thing, while setting aaa-ldap extension, since it threw error on user DN, did not properly recognise, I used "anonymous", also did not perform the Login Test. Are these the root cause? </pre> </blockquote> <pre wrap=""> Yes, it is root cause. Active directory usually has anonymous bind disabled. You can enter UPN instead of DN, if you want. In your case it will be something like <a class="moz-txt-link-abbreviated" href="mailto:vdiadmin@rvce.in">vdiadmin@rvce.in</a>. Please note that AD usually use CN attribute in DN, not uid attribute, that may be the problem in your DN. </pre> <blockquote type="cite"> <pre wrap=""> -- Thanks & Regards, Anantha Raghava eXza Technology Consulting & Services Do not print this e-mail unless required. Save Paper & trees. On Wednesday 28 September 2016 12:18 PM, Ondra Machacek wrote: </pre> <blockquote type="cite"> <pre wrap="">On 09/28/2016 05:25 AM, Anantha Raghava wrote: </pre> <blockquote type="cite"> <pre wrap="">Hi, I am trying to integrate the oVirt Engine with Active Directory to enable user logins. I installed the ovirt ldap extension and executed the setup. The process completed successfully and the profile is visible in engine log in page. </pre> </blockquote> <pre wrap=""> Most probably it wasn't successful, because as you can see in screenshot there is no 'namespace', you should see there something, if configuration is correct. Can you please send output of the following command? $ ovirt-engine-extensions-tool --log-level=FINEST --log-file=/tmp/aaa.log aaa search --extension-name=domain-authz There should be some ERROR or WARN. Thanks. </pre> <blockquote type="cite"> <pre wrap=""> Now, when I try to add the user and assign the roles, it is not allowing me to browse through the profile & the user list. Infact the "GO" button gets deactivated as shown in the screenshot. How do I set this right and get the user list? -- Thanks & Regards, Anantha Raghava eXza Technology Consulting & Services Do not print this e-mail unless required. Save Paper & trees. _______________________________________________ Users mailing list <a class="moz-txt-link-abbreviated" href="mailto:Users@ovirt.org">Users@ovirt.org</a> <a class="moz-txt-link-freetext" href="http://lists.ovirt.org/mailman/listinfo/users">http://lists.ovirt.org/mailman/listinfo/users</a> </pre> </blockquote> </blockquote> <pre wrap=""> </pre> </blockquote> <pre wrap=""> </pre> </blockquote> <br> </body> </html> --------------876ED9474170EFDFF2C93EAC--
Yes, you can. You can use different profile name and those setups can exist together, or you can you same name and the aaa-setup-tool will ask you if you want to override the existing one. ----- Anantha Raghava <raghav@exzatechconsulting.com> wrote:
Thanks for quick response Ondra.
Before I make another attempt to properly configure, can I re-execute the ovirt aaa ldap setup again without disturbing the current setup? Will that help me to correct the problem?
--
Thanks & Regards,
Anantha Raghava
eXza Technology Consulting & Services
Do not print this e-mail unless required. Save Paper & trees.
On Wednesday 28 September 2016 01:23 PM, Ondra Machacek wrote:
----- Anantha Raghava <raghav@exzatechconsulting.com> wrote:
Hello Ondra
Please find the attached file. I have also attached the setup log file. I find the errors & warnings there too. But I am unable to figure out what really went wrong.
One more thing, while setting aaa-ldap extension, since it threw error on user DN, did not properly recognise, I used "anonymous", also did not perform the Login Test. Are these the root cause? Yes, it is root cause. Active directory usually has anonymous bind disabled. You can enter UPN instead of DN, if you want. In your case it will be something like vdiadmin@rvce.in. Please note that AD usually use CN attribute in DN, not uid attribute, that may be the problem in your DN. --
Thanks & Regards,
Anantha Raghava
eXza Technology Consulting & Services
Do not print this e-mail unless required. Save Paper & trees.
On Wednesday 28 September 2016 12:18 PM, Ondra Machacek wrote:
On 09/28/2016 05:25 AM, Anantha Raghava wrote:
Hi,
I am trying to integrate the oVirt Engine with Active Directory to enable user logins. I installed the ovirt ldap extension and executed the setup. The process completed successfully and the profile is visible in engine log in page. Most probably it wasn't successful, because as you can see in screenshot there is no 'namespace', you should see there something, if configuration is correct.
Can you please send output of the following command?
$ ovirt-engine-extensions-tool --log-level=FINEST --log-file=/tmp/aaa.log aaa search --extension-name=domain-authz
There should be some ERROR or WARN.
Thanks.
Now, when I try to add the user and assign the roles, it is not allowing me to browse through the profile & the user list. Infact the "GO" button gets deactivated as shown in the screenshot.
How do I set this right and get the user list?
--
Thanks & Regards,
Anantha Raghava
eXza Technology Consulting & Services
Do not print this e-mail unless required. Save Paper & trees.
_______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
This is a multi-part message in MIME format. --------------036200E0EE241DFE064F16AF Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit Thanks Ondra. Will check this & revert back. -- Thanks & Regards, Anantha Raghava eXza Technology Consulting & Services Do not print this e-mail unless required. Save Paper & trees. On Wednesday 28 September 2016 02:02 PM, Ondra Machacek wrote:
Yes, you can. You can use different profile name and those setups can exist together, or you can you same name and the aaa-setup-tool will ask you if you want to override the existing one.
----- Anantha Raghava <raghav@exzatechconsulting.com> wrote:
Thanks for quick response Ondra.
Before I make another attempt to properly configure, can I re-execute the ovirt aaa ldap setup again without disturbing the current setup? Will that help me to correct the problem?
--
Thanks & Regards,
Anantha Raghava
eXza Technology Consulting & Services
Do not print this e-mail unless required. Save Paper & trees.
On Wednesday 28 September 2016 01:23 PM, Ondra Machacek wrote:
----- Anantha Raghava <raghav@exzatechconsulting.com> wrote:
Hello Ondra
Please find the attached file. I have also attached the setup log file. I find the errors & warnings there too. But I am unable to figure out what really went wrong.
One more thing, while setting aaa-ldap extension, since it threw error on user DN, did not properly recognise, I used "anonymous", also did not perform the Login Test. Are these the root cause? Yes, it is root cause. Active directory usually has anonymous bind disabled. You can enter UPN instead of DN, if you want. In your case it will be something like vdiadmin@rvce.in. Please note that AD usually use CN attribute in DN, not uid attribute, that may be the problem in your DN. --
Thanks & Regards,
Anantha Raghava
eXza Technology Consulting & Services
Do not print this e-mail unless required. Save Paper & trees.
On Wednesday 28 September 2016 12:18 PM, Ondra Machacek wrote:
On 09/28/2016 05:25 AM, Anantha Raghava wrote:
Hi,
I am trying to integrate the oVirt Engine with Active Directory to enable user logins. I installed the ovirt ldap extension and executed the setup. The process completed successfully and the profile is visible in engine log in page. Most probably it wasn't successful, because as you can see in screenshot there is no 'namespace', you should see there something, if configuration is correct.
Can you please send output of the following command?
$ ovirt-engine-extensions-tool --log-level=FINEST --log-file=/tmp/aaa.log aaa search --extension-name=domain-authz
There should be some ERROR or WARN.
Thanks.
Now, when I try to add the user and assign the roles, it is not allowing me to browse through the profile & the user list. Infact the "GO" button gets deactivated as shown in the screenshot.
How do I set this right and get the user list?
--
Thanks & Regards,
Anantha Raghava
eXza Technology Consulting & Services
Do not print this e-mail unless required. Save Paper & trees.
_______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
--------------036200E0EE241DFE064F16AF Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: 7bit <html> <head> <meta content="text/html; charset=utf-8" http-equiv="Content-Type"> </head> <body bgcolor="#FFFFFF" text="#000000"> <p><font face="Liberation Serif">Thanks Ondra. Will check this & revert back.</font><br> </p> <div class="moz-signature"> <meta http-equiv="content-type" content="text/html; charset=utf-8"> <title></title> <meta name="generator" content="LibreOffice 5.0.3.2 (Linux)"> <meta name="created" content="00:00:00"> <meta name="changedby" content="Anantha Raghava"> <meta name="changed" content="2016-01-05T17:20:50.677541300"> <meta name="created" content="00:00:00"> <meta name="changedby" content="Anantha Raghava"> <meta name="changed" content="2015-12-20T09:03:26.251763811"> <meta name="created" content="2015-02-21T00:00:00"> <meta name="changedby" content="Anantha Raghava"> <meta name="changed" content="2015-12-20T09:02:11.666821134"> <style type="text/css"> @page { margin: 2cm } p { margin-bottom: 0.25cm; color: #000000; line-height: 120% } address { color: #000000 } a:link { so-language: zxx } </style> <p>-- </p> <p style="margin-bottom: 0cm; line-height: 100%"><font face="Times New Roman, serif">Thanks & Regards,</font></p> <p style="margin-bottom: 0cm; line-height: 100%"><br> </p> <address style="line-height: 100%"><font face="Times New Roman, serif">Anantha Raghava</font></address> <address style="line-height: 100%"><font face="Times New Roman, serif">eXza Technology Consulting & Services</font></address> <br> <p style="margin-bottom: 0cm; line-height: 100%"><font color="#66cc00"><font face="Times New Roman, serif">Do not print this e-mail unless required. Save Paper & trees.</font></font></p> </div> <div class="moz-cite-prefix">On Wednesday 28 September 2016 02:02 PM, Ondra Machacek wrote:<br> </div> <blockquote cite="mid:1653295031.104015.1475051532897.JavaMail.zimbra@redhat.com" type="cite"> <pre wrap="">Yes, you can. You can use different profile name and those setups can exist together, or you can you same name and the aaa-setup-tool will ask you if you want to override the existing one. ----- Anantha Raghava <a class="moz-txt-link-rfc2396E" href="mailto:raghav@exzatechconsulting.com"><raghav@exzatechconsulting.com></a> wrote: </pre> <blockquote type="cite"> <pre wrap="">Thanks for quick response Ondra. Before I make another attempt to properly configure, can I re-execute the ovirt aaa ldap setup again without disturbing the current setup? Will that help me to correct the problem? -- Thanks & Regards, Anantha Raghava eXza Technology Consulting & Services Do not print this e-mail unless required. Save Paper & trees. On Wednesday 28 September 2016 01:23 PM, Ondra Machacek wrote: </pre> <blockquote type="cite"> <pre wrap="">----- Anantha Raghava <a class="moz-txt-link-rfc2396E" href="mailto:raghav@exzatechconsulting.com"><raghav@exzatechconsulting.com></a> wrote: </pre> <blockquote type="cite"> <pre wrap="">Hello Ondra Please find the attached file. I have also attached the setup log file. I find the errors & warnings there too. But I am unable to figure out what really went wrong. One more thing, while setting aaa-ldap extension, since it threw error on user DN, did not properly recognise, I used "anonymous", also did not perform the Login Test. Are these the root cause? </pre> </blockquote> <pre wrap="">Yes, it is root cause. Active directory usually has anonymous bind disabled. You can enter UPN instead of DN, if you want. In your case it will be something like <a class="moz-txt-link-abbreviated" href="mailto:vdiadmin@rvce.in">vdiadmin@rvce.in</a>. Please note that AD usually use CN attribute in DN, not uid attribute, that may be the problem in your DN. </pre> <blockquote type="cite"> <pre wrap="">-- Thanks & Regards, Anantha Raghava eXza Technology Consulting & Services Do not print this e-mail unless required. Save Paper & trees. On Wednesday 28 September 2016 12:18 PM, Ondra Machacek wrote: </pre> <blockquote type="cite"> <pre wrap="">On 09/28/2016 05:25 AM, Anantha Raghava wrote: </pre> <blockquote type="cite"> <pre wrap="">Hi, I am trying to integrate the oVirt Engine with Active Directory to enable user logins. I installed the ovirt ldap extension and executed the setup. The process completed successfully and the profile is visible in engine log in page. </pre> </blockquote> <pre wrap="">Most probably it wasn't successful, because as you can see in screenshot there is no 'namespace', you should see there something, if configuration is correct. Can you please send output of the following command? $ ovirt-engine-extensions-tool --log-level=FINEST --log-file=/tmp/aaa.log aaa search --extension-name=domain-authz There should be some ERROR or WARN. Thanks. </pre> <blockquote type="cite"> <pre wrap="">Now, when I try to add the user and assign the roles, it is not allowing me to browse through the profile & the user list. Infact the "GO" button gets deactivated as shown in the screenshot. How do I set this right and get the user list? -- Thanks & Regards, Anantha Raghava eXza Technology Consulting & Services Do not print this e-mail unless required. Save Paper & trees. _______________________________________________ Users mailing list <a class="moz-txt-link-abbreviated" href="mailto:Users@ovirt.org">Users@ovirt.org</a> <a class="moz-txt-link-freetext" href="http://lists.ovirt.org/mailman/listinfo/users">http://lists.ovirt.org/mailman/listinfo/users</a> </pre> </blockquote> </blockquote> </blockquote> </blockquote> <pre wrap=""> </pre> </blockquote> <pre wrap=""> </pre> </blockquote> <br> </body> </html> --------------036200E0EE241DFE064F16AF--
This is a multi-part message in MIME format. --------------94105A3B2536BDC8C0E92281 Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit Hello Ondra, It's working now. It browses though the directory and fetching the user / group details. Thanks for your quick support. -- Thanks & Regards, Anantha Raghava eXza Technology Consulting & Services Do not print this e-mail unless required. Save Paper & trees. On Wednesday 28 September 2016 02:03 PM, Anantha Raghava wrote:
Thanks Ondra. Will check this & revert back.
--
Thanks & Regards,
Anantha Raghava
eXza Technology Consulting & Services
Do not print this e-mail unless required. Save Paper & trees.
On Wednesday 28 September 2016 02:02 PM, Ondra Machacek wrote:
Yes, you can. You can use different profile name and those setups can exist together, or you can you same name and the aaa-setup-tool will ask you if you want to override the existing one.
----- Anantha Raghava<raghav@exzatechconsulting.com> wrote:
Thanks for quick response Ondra.
Before I make another attempt to properly configure, can I re-execute the ovirt aaa ldap setup again without disturbing the current setup? Will that help me to correct the problem?
--
Thanks & Regards,
Anantha Raghava
eXza Technology Consulting & Services
Do not print this e-mail unless required. Save Paper & trees.
On Wednesday 28 September 2016 01:23 PM, Ondra Machacek wrote:
----- Anantha Raghava<raghav@exzatechconsulting.com> wrote:
Hello Ondra
Please find the attached file. I have also attached the setup log file. I find the errors & warnings there too. But I am unable to figure out what really went wrong.
One more thing, while setting aaa-ldap extension, since it threw error on user DN, did not properly recognise, I used "anonymous", also did not perform the Login Test. Are these the root cause? Yes, it is root cause. Active directory usually has anonymous bind disabled. You can enter UPN instead of DN, if you want. In your case it will be something likevdiadmin@rvce.in. Please note that AD usually use CN attribute in DN, not uid attribute, that may be the problem in your DN. --
Thanks & Regards,
Anantha Raghava
eXza Technology Consulting & Services
Do not print this e-mail unless required. Save Paper & trees.
On Wednesday 28 September 2016 12:18 PM, Ondra Machacek wrote:
On 09/28/2016 05:25 AM, Anantha Raghava wrote: > Hi, > > I am trying to integrate the oVirt Engine with Active Directory to > enable user logins. I installed the ovirt ldap extension and executed > the setup. The process completed successfully and the profile is visible > in engine log in page. Most probably it wasn't successful, because as you can see in screenshot there is no 'namespace', you should see there something, if configuration is correct.
Can you please send output of the following command?
$ ovirt-engine-extensions-tool --log-level=FINEST --log-file=/tmp/aaa.log aaa search --extension-name=domain-authz
There should be some ERROR or WARN.
Thanks.
> Now, when I try to add the user and assign the roles, it is not allowing > me to browse through the profile & the user list. Infact the "GO" button > gets deactivated as shown in the screenshot. > > How do I set this right and get the user list? > > -- > > Thanks & Regards, > > > Anantha Raghava > > eXza Technology Consulting & Services > > > Do not print this e-mail unless required. Save Paper & trees. > > > > _______________________________________________ > Users mailing list > Users@ovirt.org > http://lists.ovirt.org/mailman/listinfo/users >
--------------94105A3B2536BDC8C0E92281 Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: 7bit <html> <head> <meta content="text/html; charset=utf-8" http-equiv="Content-Type"> </head> <body bgcolor="#FFFFFF" text="#000000"> <p><font face="Liberation Serif">Hello Ondra,</font></p> <p><font face="Liberation Serif">It's working now. It browses though the directory and fetching the user / group details.</font><br> </p> <div class="moz-signature"> <meta http-equiv="content-type" content="text/html; charset=utf-8"> <title></title> <meta name="generator" content="LibreOffice 5.0.3.2 (Linux)"> <meta name="created" content="00:00:00"> <meta name="changedby" content="Anantha Raghava"> <meta name="changed" content="2016-01-05T17:20:50.677541300"> <meta name="created" content="00:00:00"> <meta name="changedby" content="Anantha Raghava"> <meta name="changed" content="2015-12-20T09:03:26.251763811"> <meta name="created" content="2015-02-21T00:00:00"> <meta name="changedby" content="Anantha Raghava"> <meta name="changed" content="2015-12-20T09:02:11.666821134"> <style type="text/css"> @page { margin: 2cm } p { margin-bottom: 0.25cm; color: #000000; line-height: 120% } address { color: #000000 } a:link { so-language: zxx } </style> <p style="margin-bottom: 0cm">Thanks for your quick support.<br> </p> <p>-- </p> <p style="margin-bottom: 0cm; line-height: 100%"><font face="Times New Roman, serif">Thanks & Regards,</font></p> <p style="margin-bottom: 0cm; line-height: 100%"><br> </p> <address style="line-height: 100%"><font face="Times New Roman, serif">Anantha Raghava</font></address> <address style="line-height: 100%"><font face="Times New Roman, serif">eXza Technology Consulting & Services</font></address> <br> <p style="margin-bottom: 0cm; line-height: 100%"><font color="#66cc00"><font face="Times New Roman, serif">Do not print this e-mail unless required. Save Paper & trees.</font></font></p> </div> <div class="moz-cite-prefix">On Wednesday 28 September 2016 02:03 PM, Anantha Raghava wrote:<br> </div> <blockquote cite="mid:5d36b2ce-36be-8b7a-e2c8-87da4edc3aa7@exzatechconsulting.com" type="cite"> <meta content="text/html; charset=utf-8" http-equiv="Content-Type"> <p><font face="Liberation Serif">Thanks Ondra. Will check this & revert back.</font><br> </p> <div class="moz-signature"> <meta http-equiv="content-type" content="text/html; charset=utf-8"> <title></title> <meta name="generator" content="LibreOffice 5.0.3.2 (Linux)"> <meta name="created" content="00:00:00"> <meta name="changedby" content="Anantha Raghava"> <meta name="changed" content="2016-01-05T17:20:50.677541300"> <meta name="created" content="00:00:00"> <meta name="changedby" content="Anantha Raghava"> <meta name="changed" content="2015-12-20T09:03:26.251763811"> <meta name="created" content="2015-02-21T00:00:00"> <meta name="changedby" content="Anantha Raghava"> <meta name="changed" content="2015-12-20T09:02:11.666821134"> <style type="text/css"> @page { margin: 2cm } p { margin-bottom: 0.25cm; color: #000000; line-height: 120% } address { color: #000000 } a:link { so-language: zxx } </style> <p>-- </p> <p style="margin-bottom: 0cm; line-height: 100%"><font face="Times New Roman, serif">Thanks & Regards,</font></p> <p style="margin-bottom: 0cm; line-height: 100%"><br> </p> <address style="line-height: 100%"><font face="Times New Roman, serif">Anantha Raghava</font></address> <address style="line-height: 100%"><font face="Times New Roman, serif">eXza Technology Consulting & Services</font></address> <br> <p style="margin-bottom: 0cm; line-height: 100%"><font color="#66cc00"><font face="Times New Roman, serif">Do not print this e-mail unless required. Save Paper & trees.</font></font></p> </div> <div class="moz-cite-prefix">On Wednesday 28 September 2016 02:02 PM, Ondra Machacek wrote:<br> </div> <blockquote cite="mid:1653295031.104015.1475051532897.JavaMail.zimbra@redhat.com" type="cite"> <pre wrap="">Yes, you can. You can use different profile name and those setups can exist together, or you can you same name and the aaa-setup-tool will ask you if you want to override the existing one. ----- Anantha Raghava <a moz-do-not-send="true" class="moz-txt-link-rfc2396E" href="mailto:raghav@exzatechconsulting.com"><raghav@exzatechconsulting.com></a> wrote: </pre> <blockquote type="cite"> <pre wrap="">Thanks for quick response Ondra. Before I make another attempt to properly configure, can I re-execute the ovirt aaa ldap setup again without disturbing the current setup? Will that help me to correct the problem? -- Thanks & Regards, Anantha Raghava eXza Technology Consulting & Services Do not print this e-mail unless required. Save Paper & trees. On Wednesday 28 September 2016 01:23 PM, Ondra Machacek wrote: </pre> <blockquote type="cite"> <pre wrap="">----- Anantha Raghava <a moz-do-not-send="true" class="moz-txt-link-rfc2396E" href="mailto:raghav@exzatechconsulting.com"><raghav@exzatechconsulting.com></a> wrote: </pre> <blockquote type="cite"> <pre wrap="">Hello Ondra Please find the attached file. I have also attached the setup log file. I find the errors & warnings there too. But I am unable to figure out what really went wrong. One more thing, while setting aaa-ldap extension, since it threw error on user DN, did not properly recognise, I used "anonymous", also did not perform the Login Test. Are these the root cause? </pre> </blockquote> <pre wrap="">Yes, it is root cause. Active directory usually has anonymous bind disabled. You can enter UPN instead of DN, if you want. In your case it will be something like <a moz-do-not-send="true" class="moz-txt-link-abbreviated" href="mailto:vdiadmin@rvce.in">vdiadmin@rvce.in</a>. Please note that AD usually use CN attribute in DN, not uid attribute, that may be the problem in your DN. </pre> <blockquote type="cite"> <pre wrap="">-- Thanks & Regards, Anantha Raghava eXza Technology Consulting & Services Do not print this e-mail unless required. Save Paper & trees. On Wednesday 28 September 2016 12:18 PM, Ondra Machacek wrote: </pre> <blockquote type="cite"> <pre wrap="">On 09/28/2016 05:25 AM, Anantha Raghava wrote: </pre> <blockquote type="cite"> <pre wrap="">Hi, I am trying to integrate the oVirt Engine with Active Directory to enable user logins. I installed the ovirt ldap extension and executed the setup. The process completed successfully and the profile is visible in engine log in page. </pre> </blockquote> <pre wrap="">Most probably it wasn't successful, because as you can see in screenshot there is no 'namespace', you should see there something, if configuration is correct. Can you please send output of the following command? $ ovirt-engine-extensions-tool --log-level=FINEST --log-file=/tmp/aaa.log aaa search --extension-name=domain-authz There should be some ERROR or WARN. Thanks. </pre> <blockquote type="cite"> <pre wrap="">Now, when I try to add the user and assign the roles, it is not allowing me to browse through the profile & the user list. Infact the "GO" button gets deactivated as shown in the screenshot. How do I set this right and get the user list? -- Thanks & Regards, Anantha Raghava eXza Technology Consulting & Services Do not print this e-mail unless required. Save Paper & trees. _______________________________________________ Users mailing list <a moz-do-not-send="true" class="moz-txt-link-abbreviated" href="mailto:Users@ovirt.org">Users@ovirt.org</a> <a moz-do-not-send="true" class="moz-txt-link-freetext" href="http://lists.ovirt.org/mailman/listinfo/users">http://lists.ovirt.org/mailman/listinfo/users</a> </pre> </blockquote> </blockquote> </blockquote> </blockquote> </blockquote> </blockquote> <br> </blockquote> <br> </body> </html> --------------94105A3B2536BDC8C0E92281--
This is a multi-part message in MIME format. --------------3C5BFB4FC5758C4E75306BC8 Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit Hi, I am able to add the user to oVirt and assign role. Just to test, I assigned one user as "super user" and I am able to login to Administrator Portal. Need to read a bit more about roles and their predefined rights. Any suggestions in this regard? -- Thanks & Regards, Anantha Raghava eXza Technology Consulting & Services Do not print this e-mail unless required. Save Paper & trees. On Wednesday 28 September 2016 03:46 PM, Anantha Raghava wrote:
Hello Ondra,
It's working now. It browses though the directory and fetching the user / group details.
Thanks for your quick support.
--
Thanks & Regards,
Anantha Raghava
eXza Technology Consulting & Services
Do not print this e-mail unless required. Save Paper & trees.
On Wednesday 28 September 2016 02:03 PM, Anantha Raghava wrote:
Thanks Ondra. Will check this & revert back.
--
Thanks & Regards,
Anantha Raghava
eXza Technology Consulting & Services
Do not print this e-mail unless required. Save Paper & trees.
On Wednesday 28 September 2016 02:02 PM, Ondra Machacek wrote:
Yes, you can. You can use different profile name and those setups can exist together, or you can you same name and the aaa-setup-tool will ask you if you want to override the existing one.
----- Anantha Raghava<raghav@exzatechconsulting.com> wrote:
Thanks for quick response Ondra.
Before I make another attempt to properly configure, can I re-execute the ovirt aaa ldap setup again without disturbing the current setup? Will that help me to correct the problem?
--
Thanks & Regards,
Anantha Raghava
eXza Technology Consulting & Services
Do not print this e-mail unless required. Save Paper & trees.
On Wednesday 28 September 2016 01:23 PM, Ondra Machacek wrote:
----- Anantha Raghava<raghav@exzatechconsulting.com> wrote:
Hello Ondra
Please find the attached file. I have also attached the setup log file. I find the errors & warnings there too. But I am unable to figure out what really went wrong.
One more thing, while setting aaa-ldap extension, since it threw error on user DN, did not properly recognise, I used "anonymous", also did not perform the Login Test. Are these the root cause? Yes, it is root cause. Active directory usually has anonymous bind disabled. You can enter UPN instead of DN, if you want. In your case it will be something likevdiadmin@rvce.in. Please note that AD usually use CN attribute in DN, not uid attribute, that may be the problem in your DN. --
Thanks & Regards,
Anantha Raghava
eXza Technology Consulting & Services
Do not print this e-mail unless required. Save Paper & trees.
On Wednesday 28 September 2016 12:18 PM, Ondra Machacek wrote: > On 09/28/2016 05:25 AM, Anantha Raghava wrote: >> Hi, >> >> I am trying to integrate the oVirt Engine with Active Directory to >> enable user logins. I installed the ovirt ldap extension and executed >> the setup. The process completed successfully and the profile is visible >> in engine log in page. > Most probably it wasn't successful, because as you can see in > screenshot there is no 'namespace', you should see there something, if > configuration is correct. > > Can you please send output of the following command? > > $ ovirt-engine-extensions-tool --log-level=FINEST > --log-file=/tmp/aaa.log aaa search --extension-name=domain-authz > > There should be some ERROR or WARN. > > Thanks. > >> Now, when I try to add the user and assign the roles, it is not allowing >> me to browse through the profile & the user list. Infact the "GO" button >> gets deactivated as shown in the screenshot. >> >> How do I set this right and get the user list? >> >> -- >> >> Thanks & Regards, >> >> >> Anantha Raghava >> >> eXza Technology Consulting & Services >> >> >> Do not print this e-mail unless required. Save Paper & trees. >> >> >> >> _______________________________________________ >> Users mailing list >> Users@ovirt.org >> http://lists.ovirt.org/mailman/listinfo/users >>
--------------3C5BFB4FC5758C4E75306BC8 Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: 7bit <html> <head> <meta content="text/html; charset=utf-8" http-equiv="Content-Type"> </head> <body bgcolor="#FFFFFF" text="#000000"> <p>Hi,</p> <p>I am able to add the user to oVirt and assign role. Just to test, I assigned one user as "super user" and I am able to login to Administrator Portal. <br> </p> <p>Need to read a bit more about roles and their predefined rights. Any suggestions in this regard?<br> </p> <div class="moz-signature"> <meta http-equiv="content-type" content="text/html; charset=utf-8"> <title></title> <meta name="generator" content="LibreOffice 5.0.3.2 (Linux)"> <meta name="created" content="00:00:00"> <meta name="changedby" content="Anantha Raghava"> <meta name="changed" content="2016-01-05T17:20:50.677541300"> <meta name="created" content="00:00:00"> <meta name="changedby" content="Anantha Raghava"> <meta name="changed" content="2015-12-20T09:03:26.251763811"> <meta name="created" content="2015-02-21T00:00:00"> <meta name="changedby" content="Anantha Raghava"> <meta name="changed" content="2015-12-20T09:02:11.666821134"> <style type="text/css"> @page { margin: 2cm } p { margin-bottom: 0.25cm; color: #000000; line-height: 120% } address { color: #000000 } a:link { so-language: zxx } </style> <p>-- </p> <p style="margin-bottom: 0cm; line-height: 100%"><font face="Times New Roman, serif">Thanks & Regards,</font></p> <p style="margin-bottom: 0cm; line-height: 100%"><br> </p> <address style="line-height: 100%"><font face="Times New Roman, serif">Anantha Raghava</font></address> <address style="line-height: 100%"><font face="Times New Roman, serif">eXza Technology Consulting & Services</font></address> <br> <p style="margin-bottom: 0cm; line-height: 100%"><br> </p> <p style="margin-bottom: 0cm; line-height: 100%"><font color="#66cc00"><font face="Times New Roman, serif">Do not print this e-mail unless required. Save Paper & trees.</font></font></p> </div> <div class="moz-cite-prefix">On Wednesday 28 September 2016 03:46 PM, Anantha Raghava wrote:<br> </div> <blockquote cite="mid:8b86ecc4-92bb-80be-31cf-721bc89e15fe@exzatechconsulting.com" type="cite"> <meta content="text/html; charset=utf-8" http-equiv="Content-Type"> <p><font face="Liberation Serif">Hello Ondra,</font></p> <p><font face="Liberation Serif">It's working now. It browses though the directory and fetching the user / group details.</font><br> </p> <div class="moz-signature"> <meta http-equiv="content-type" content="text/html; charset=utf-8"> <title></title> <meta name="generator" content="LibreOffice 5.0.3.2 (Linux)"> <meta name="created" content="00:00:00"> <meta name="changedby" content="Anantha Raghava"> <meta name="changed" content="2016-01-05T17:20:50.677541300"> <meta name="created" content="00:00:00"> <meta name="changedby" content="Anantha Raghava"> <meta name="changed" content="2015-12-20T09:03:26.251763811"> <meta name="created" content="2015-02-21T00:00:00"> <meta name="changedby" content="Anantha Raghava"> <meta name="changed" content="2015-12-20T09:02:11.666821134"> <style type="text/css"> @page { margin: 2cm } p { margin-bottom: 0.25cm; color: #000000; line-height: 120% } address { color: #000000 } a:link { so-language: zxx } </style> <p style="margin-bottom: 0cm">Thanks for your quick support.<br> </p> <p>-- </p> <p style="margin-bottom: 0cm; line-height: 100%"><font face="Times New Roman, serif">Thanks & Regards,</font></p> <p style="margin-bottom: 0cm; line-height: 100%"><br> </p> <address style="line-height: 100%"><font face="Times New Roman, serif">Anantha Raghava</font></address> <address style="line-height: 100%"><font face="Times New Roman, serif">eXza Technology Consulting & Services</font></address> <br> <p style="margin-bottom: 0cm; line-height: 100%"><font color="#66cc00"><font face="Times New Roman, serif">Do not print this e-mail unless required. Save Paper & trees.</font></font></p> </div> <div class="moz-cite-prefix">On Wednesday 28 September 2016 02:03 PM, Anantha Raghava wrote:<br> </div> <blockquote cite="mid:5d36b2ce-36be-8b7a-e2c8-87da4edc3aa7@exzatechconsulting.com" type="cite"> <meta content="text/html; charset=utf-8" http-equiv="Content-Type"> <p><font face="Liberation Serif">Thanks Ondra. Will check this & revert back.</font><br> </p> <div class="moz-signature"> <meta http-equiv="content-type" content="text/html; charset=utf-8"> <title></title> <meta name="generator" content="LibreOffice 5.0.3.2 (Linux)"> <meta name="created" content="00:00:00"> <meta name="changedby" content="Anantha Raghava"> <meta name="changed" content="2016-01-05T17:20:50.677541300"> <meta name="created" content="00:00:00"> <meta name="changedby" content="Anantha Raghava"> <meta name="changed" content="2015-12-20T09:03:26.251763811"> <meta name="created" content="2015-02-21T00:00:00"> <meta name="changedby" content="Anantha Raghava"> <meta name="changed" content="2015-12-20T09:02:11.666821134"> <style type="text/css"> @page { margin: 2cm } p { margin-bottom: 0.25cm; color: #000000; line-height: 120% } address { color: #000000 } a:link { so-language: zxx } </style> <p>-- </p> <p style="margin-bottom: 0cm; line-height: 100%"><font face="Times New Roman, serif">Thanks & Regards,</font></p> <p style="margin-bottom: 0cm; line-height: 100%"><br> </p> <address style="line-height: 100%"><font face="Times New Roman, serif">Anantha Raghava</font></address> <address style="line-height: 100%"><font face="Times New Roman, serif">eXza Technology Consulting & Services</font></address> <br> <p style="margin-bottom: 0cm; line-height: 100%"><font color="#66cc00"><font face="Times New Roman, serif">Do not print this e-mail unless required. Save Paper & trees.</font></font></p> </div> <div class="moz-cite-prefix">On Wednesday 28 September 2016 02:02 PM, Ondra Machacek wrote:<br> </div> <blockquote cite="mid:1653295031.104015.1475051532897.JavaMail.zimbra@redhat.com" type="cite"> <pre wrap="">Yes, you can. You can use different profile name and those setups can exist together, or you can you same name and the aaa-setup-tool will ask you if you want to override the existing one. ----- Anantha Raghava <a moz-do-not-send="true" class="moz-txt-link-rfc2396E" href="mailto:raghav@exzatechconsulting.com"><raghav@exzatechconsulting.com></a> wrote: </pre> <blockquote type="cite"> <pre wrap="">Thanks for quick response Ondra. Before I make another attempt to properly configure, can I re-execute the ovirt aaa ldap setup again without disturbing the current setup? Will that help me to correct the problem? -- Thanks & Regards, Anantha Raghava eXza Technology Consulting & Services Do not print this e-mail unless required. Save Paper & trees. On Wednesday 28 September 2016 01:23 PM, Ondra Machacek wrote: </pre> <blockquote type="cite"> <pre wrap="">----- Anantha Raghava <a moz-do-not-send="true" class="moz-txt-link-rfc2396E" href="mailto:raghav@exzatechconsulting.com"><raghav@exzatechconsulting.com></a> wrote: </pre> <blockquote type="cite"> <pre wrap="">Hello Ondra Please find the attached file. I have also attached the setup log file. I find the errors & warnings there too. But I am unable to figure out what really went wrong. One more thing, while setting aaa-ldap extension, since it threw error on user DN, did not properly recognise, I used "anonymous", also did not perform the Login Test. Are these the root cause? </pre> </blockquote> <pre wrap="">Yes, it is root cause. Active directory usually has anonymous bind disabled. You can enter UPN instead of DN, if you want. In your case it will be something like <a moz-do-not-send="true" class="moz-txt-link-abbreviated" href="mailto:vdiadmin@rvce.in">vdiadmin@rvce.in</a>. Please note that AD usually use CN attribute in DN, not uid attribute, that may be the problem in your DN. </pre> <blockquote type="cite"> <pre wrap="">-- Thanks & Regards, Anantha Raghava eXza Technology Consulting & Services Do not print this e-mail unless required. Save Paper & trees. On Wednesday 28 September 2016 12:18 PM, Ondra Machacek wrote: </pre> <blockquote type="cite"> <pre wrap="">On 09/28/2016 05:25 AM, Anantha Raghava wrote: </pre> <blockquote type="cite"> <pre wrap="">Hi, I am trying to integrate the oVirt Engine with Active Directory to enable user logins. I installed the ovirt ldap extension and executed the setup. The process completed successfully and the profile is visible in engine log in page. </pre> </blockquote> <pre wrap="">Most probably it wasn't successful, because as you can see in screenshot there is no 'namespace', you should see there something, if configuration is correct. Can you please send output of the following command? $ ovirt-engine-extensions-tool --log-level=FINEST --log-file=/tmp/aaa.log aaa search --extension-name=domain-authz There should be some ERROR or WARN. Thanks. </pre> <blockquote type="cite"> <pre wrap="">Now, when I try to add the user and assign the roles, it is not allowing me to browse through the profile & the user list. Infact the "GO" button gets deactivated as shown in the screenshot. How do I set this right and get the user list? -- Thanks & Regards, Anantha Raghava eXza Technology Consulting & Services Do not print this e-mail unless required. Save Paper & trees. _______________________________________________ Users mailing list <a moz-do-not-send="true" class="moz-txt-link-abbreviated" href="mailto:Users@ovirt.org">Users@ovirt.org</a> <a moz-do-not-send="true" class="moz-txt-link-freetext" href="http://lists.ovirt.org/mailman/listinfo/users">http://lists.ovirt.org/mailman/listinfo/users</a> </pre> </blockquote> </blockquote> </blockquote> </blockquote> </blockquote> </blockquote> <br> </blockquote> <br> </blockquote> <br> </body> </html> --------------3C5BFB4FC5758C4E75306BC8--
Hi, I would suggest you reading this: https://access.redhat.com/documentation/en/red-hat-virtualization/4.0/single... And if you have doubt with anything you can ask here. Ondra On 09/28/2016 05:40 PM, Anantha Raghava wrote:
Hi,
I am able to add the user to oVirt and assign role. Just to test, I assigned one user as "super user" and I am able to login to Administrator Portal.
Need to read a bit more about roles and their predefined rights. Any suggestions in this regard?
--
Thanks & Regards,
Anantha Raghava
eXza Technology Consulting & Services
Do not print this e-mail unless required. Save Paper & trees.
On Wednesday 28 September 2016 03:46 PM, Anantha Raghava wrote:
Hello Ondra,
It's working now. It browses though the directory and fetching the user / group details.
Thanks for your quick support.
--
Thanks & Regards,
Anantha Raghava
eXza Technology Consulting & Services
Do not print this e-mail unless required. Save Paper & trees.
On Wednesday 28 September 2016 02:03 PM, Anantha Raghava wrote:
Thanks Ondra. Will check this & revert back.
--
Thanks & Regards,
Anantha Raghava
eXza Technology Consulting & Services
Do not print this e-mail unless required. Save Paper & trees.
On Wednesday 28 September 2016 02:02 PM, Ondra Machacek wrote:
Yes, you can. You can use different profile name and those setups can exist together, or you can you same name and the aaa-setup-tool will ask you if you want to override the existing one.
----- Anantha Raghava <raghav@exzatechconsulting.com> wrote:
Thanks for quick response Ondra.
Before I make another attempt to properly configure, can I re-execute the ovirt aaa ldap setup again without disturbing the current setup? Will that help me to correct the problem?
--
Thanks & Regards,
Anantha Raghava
eXza Technology Consulting & Services
Do not print this e-mail unless required. Save Paper & trees.
On Wednesday 28 September 2016 01:23 PM, Ondra Machacek wrote:
----- Anantha Raghava <raghav@exzatechconsulting.com> wrote: > Hello Ondra > > Please find the attached file. I have also attached the setup log file. > I find the errors & warnings there too. But I am unable to figure out > what really went wrong. > > One more thing, while setting aaa-ldap extension, since it threw error > on user DN, did not properly recognise, I used "anonymous", also did not > perform the Login Test. Are these the root cause? Yes, it is root cause. Active directory usually has anonymous bind disabled. You can enter UPN instead of DN, if you want. In your case it will be something like vdiadmin@rvce.in. Please note that AD usually use CN attribute in DN, not uid attribute, that may be the problem in your DN. > -- > > Thanks & Regards, > > > Anantha Raghava > > eXza Technology Consulting & Services > > > > Do not print this e-mail unless required. Save Paper & trees. > > On Wednesday 28 September 2016 12:18 PM, Ondra Machacek wrote: >> On 09/28/2016 05:25 AM, Anantha Raghava wrote: >>> Hi, >>> >>> I am trying to integrate the oVirt Engine with Active Directory to >>> enable user logins. I installed the ovirt ldap extension and executed >>> the setup. The process completed successfully and the profile is visible >>> in engine log in page. >> Most probably it wasn't successful, because as you can see in >> screenshot there is no 'namespace', you should see there something, if >> configuration is correct. >> >> Can you please send output of the following command? >> >> $ ovirt-engine-extensions-tool --log-level=FINEST >> --log-file=/tmp/aaa.log aaa search --extension-name=domain-authz >> >> There should be some ERROR or WARN. >> >> Thanks. >> >>> Now, when I try to add the user and assign the roles, it is not allowing >>> me to browse through the profile & the user list. Infact the "GO" button >>> gets deactivated as shown in the screenshot. >>> >>> How do I set this right and get the user list? >>> >>> -- >>> >>> Thanks & Regards, >>> >>> >>> Anantha Raghava >>> >>> eXza Technology Consulting & Services >>> >>> >>> Do not print this e-mail unless required. Save Paper & trees. >>> >>> >>> >>> _______________________________________________ >>> Users mailing list >>> Users@ovirt.org >>> http://lists.ovirt.org/mailman/listinfo/users >>>
This is a multi-part message in MIME format. --------------834EC06451ACB404FC8221BF Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit Hi, Thank you very much. -- Thanks & Regards, Anantha Raghava eXza Technology Consulting & Services Do not print this e-mail unless required. Save Paper & trees. On Thursday 29 September 2016 11:43 AM, Ondra Machacek wrote:
Hi,
I would suggest you reading this:
https://access.redhat.com/documentation/en/red-hat-virtualization/4.0/single...
And if you have doubt with anything you can ask here.
Ondra
On 09/28/2016 05:40 PM, Anantha Raghava wrote:
Hi,
I am able to add the user to oVirt and assign role. Just to test, I assigned one user as "super user" and I am able to login to Administrator Portal.
Need to read a bit more about roles and their predefined rights. Any suggestions in this regard?
--
Thanks & Regards,
Anantha Raghava
eXza Technology Consulting & Services
Do not print this e-mail unless required. Save Paper & trees.
On Wednesday 28 September 2016 03:46 PM, Anantha Raghava wrote:
Hello Ondra,
It's working now. It browses though the directory and fetching the user / group details.
Thanks for your quick support.
--
Thanks & Regards,
Anantha Raghava
eXza Technology Consulting & Services
Do not print this e-mail unless required. Save Paper & trees.
On Wednesday 28 September 2016 02:03 PM, Anantha Raghava wrote:
Thanks Ondra. Will check this & revert back.
--
Thanks & Regards,
Anantha Raghava
eXza Technology Consulting & Services
Do not print this e-mail unless required. Save Paper & trees.
On Wednesday 28 September 2016 02:02 PM, Ondra Machacek wrote:
Yes, you can. You can use different profile name and those setups can exist together, or you can you same name and the aaa-setup-tool will ask you if you want to override the existing one.
----- Anantha Raghava <raghav@exzatechconsulting.com> wrote:
Thanks for quick response Ondra.
Before I make another attempt to properly configure, can I re-execute the ovirt aaa ldap setup again without disturbing the current setup? Will that help me to correct the problem?
--
Thanks & Regards,
Anantha Raghava
eXza Technology Consulting & Services
Do not print this e-mail unless required. Save Paper & trees.
On Wednesday 28 September 2016 01:23 PM, Ondra Machacek wrote: > ----- Anantha Raghava <raghav@exzatechconsulting.com> wrote: >> Hello Ondra >> >> Please find the attached file. I have also attached the setup >> log file. >> I find the errors & warnings there too. But I am unable to >> figure out >> what really went wrong. >> >> One more thing, while setting aaa-ldap extension, since it >> threw error >> on user DN, did not properly recognise, I used "anonymous", >> also did not >> perform the Login Test. Are these the root cause? > Yes, it is root cause. Active directory usually has anonymous > bind disabled. You can enter UPN instead of DN, if you want. In > your case it will be something like vdiadmin@rvce.in. Please > note that AD usually use CN attribute in DN, not uid attribute, > that may be the problem in your DN. >> -- >> >> Thanks & Regards, >> >> >> Anantha Raghava >> >> eXza Technology Consulting & Services >> >> >> >> Do not print this e-mail unless required. Save Paper & trees. >> >> On Wednesday 28 September 2016 12:18 PM, Ondra Machacek wrote: >>> On 09/28/2016 05:25 AM, Anantha Raghava wrote: >>>> Hi, >>>> >>>> I am trying to integrate the oVirt Engine with Active >>>> Directory to >>>> enable user logins. I installed the ovirt ldap extension and >>>> executed >>>> the setup. The process completed successfully and the profile >>>> is visible >>>> in engine log in page. >>> Most probably it wasn't successful, because as you can see in >>> screenshot there is no 'namespace', you should see there >>> something, if >>> configuration is correct. >>> >>> Can you please send output of the following command? >>> >>> $ ovirt-engine-extensions-tool --log-level=FINEST >>> --log-file=/tmp/aaa.log aaa search --extension-name=domain-authz >>> >>> There should be some ERROR or WARN. >>> >>> Thanks. >>> >>>> Now, when I try to add the user and assign the roles, it is >>>> not allowing >>>> me to browse through the profile & the user list. Infact the >>>> "GO" button >>>> gets deactivated as shown in the screenshot. >>>> >>>> How do I set this right and get the user list? >>>> >>>> -- >>>> >>>> Thanks & Regards, >>>> >>>> >>>> Anantha Raghava >>>> >>>> eXza Technology Consulting & Services >>>> >>>> >>>> Do not print this e-mail unless required. Save Paper & trees. >>>> >>>> >>>> >>>> _______________________________________________ >>>> Users mailing list >>>> Users@ovirt.org >>>> http://lists.ovirt.org/mailman/listinfo/users >>>>
--------------834EC06451ACB404FC8221BF Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: 8bit <html> <head> <meta content="text/html; charset=utf-8" http-equiv="Content-Type"> </head> <body bgcolor="#FFFFFF" text="#000000"> <p><font face="Liberation Serif">Hi,</font></p> <p><font face="Liberation Serif">Thank you very much.</font><br> </p> <div class="moz-signature"> <meta http-equiv="content-type" content="text/html; charset=utf-8"> <title></title> <meta name="generator" content="LibreOffice 5.0.3.2 (Linux)"> <meta name="created" content="00:00:00"> <meta name="changedby" content="Anantha Raghava"> <meta name="changed" content="2016-01-05T17:20:50.677541300"> <meta name="created" content="00:00:00"> <meta name="changedby" content="Anantha Raghava"> <meta name="changed" content="2015-12-20T09:03:26.251763811"> <meta name="created" content="2015-02-21T00:00:00"> <meta name="changedby" content="Anantha Raghava"> <meta name="changed" content="2015-12-20T09:02:11.666821134"> <style type="text/css"> @page { margin: 2cm } p { margin-bottom: 0.25cm; color: #000000; line-height: 120% } address { color: #000000 } a:link { so-language: zxx } </style> <p>-- </p> <p style="margin-bottom: 0cm; line-height: 100%"><font face="Times New Roman, serif">Thanks & Regards,</font></p> <p style="margin-bottom: 0cm; line-height: 100%"><br> </p> <address style="line-height: 100%"><font face="Times New Roman, serif">Anantha Raghava</font></address> <address style="line-height: 100%"><font face="Times New Roman, serif">eXza Technology Consulting & Services</font></address> <br> <p style="margin-bottom: 0cm; line-height: 100%"><font color="#66cc00"><font face="Times New Roman, serif">Do not print this e-mail unless required. Save Paper & trees.</font></font></p> </div> <div class="moz-cite-prefix">On Thursday 29 September 2016 11:43 AM, Ondra Machacek wrote:<br> </div> <blockquote cite="mid:80cf187f-df7d-8def-6862-60b06ddd1af1@redhat.com" type="cite">Hi, <br> <br> I would suggest you reading this: <br> <br> <br> <a class="moz-txt-link-freetext" href="https://access.redhat.com/documentation/en/red-hat-virtualization/4.0/single/administration-guide/#sect-User_Authorization">https://access.redhat.com/documentation/en/red-hat-virtualization/4.0/single/administration-guide/#sect-User_Authorization</a> <br> <br> And if you have doubt with anything you can ask here. <br> <br> Ondra <br> <br> On 09/28/2016 05:40 PM, Anantha Raghava wrote: <br> <blockquote type="cite">Hi, <br> <br> I am able to add the user to oVirt and assign role. Just to test, I <br> assigned one user as "super user" and I am able to login to <br> Administrator Portal. <br> <br> Need to read a bit more about roles and their predefined rights. Any <br> suggestions in this regard? <br> <br> -- <br> <br> Thanks & Regards, <br> <br> <br> Anantha Raghava <br> <br> eXza Technology Consulting & Services <br> <br> <br> <br> Do not print this e-mail unless required. Save Paper & trees. <br> <br> On Wednesday 28 September 2016 03:46 PM, Anantha Raghava wrote: <br> <blockquote type="cite"> <br> Hello Ondra, <br> <br> It's working now. It browses though the directory and fetching the <br> user / group details. <br> <br> Thanks for your quick support. <br> <br> -- <br> <br> Thanks & Regards, <br> <br> <br> Anantha Raghava <br> <br> eXza Technology Consulting & Services <br> <br> <br> Do not print this e-mail unless required. Save Paper & trees. <br> <br> On Wednesday 28 September 2016 02:03 PM, Anantha Raghava wrote: <br> <blockquote type="cite"> <br> Thanks Ondra. Will check this & revert back. <br> <br> -- <br> <br> Thanks & Regards, <br> <br> <br> Anantha Raghava <br> <br> eXza Technology Consulting & Services <br> <br> <br> Do not print this e-mail unless required. Save Paper & trees. <br> <br> On Wednesday 28 September 2016 02:02 PM, Ondra Machacek wrote: <br> <blockquote type="cite">Yes, you can. You can use different profile name and those setups can exist together, or you can you same name and the aaa-setup-tool will ask you if you want to override the existing one. <br> <br> ----- Anantha Raghava <a class="moz-txt-link-rfc2396E" href="mailto:raghav@exzatechconsulting.com"><raghav@exzatechconsulting.com></a> wrote: <br> <blockquote type="cite">Thanks for quick response Ondra. <br> <br> Before I make another attempt to properly configure, can I re-execute <br> the ovirt aaa ldap setup again without disturbing the current setup? <br> Will that help me to correct the problem? <br> <br> -- <br> <br> Thanks & Regards, <br> <br> <br> Anantha Raghava <br> <br> eXza Technology Consulting & Services <br> <br> <br> Do not print this e-mail unless required. Save Paper & trees. <br> <br> On Wednesday 28 September 2016 01:23 PM, Ondra Machacek wrote: <br> <blockquote type="cite">----- Anantha Raghava <a class="moz-txt-link-rfc2396E" href="mailto:raghav@exzatechconsulting.com"><raghav@exzatechconsulting.com></a> wrote: <br> <blockquote type="cite">Hello Ondra <br> <br> Please find the attached file. I have also attached the setup log file. <br> I find the errors & warnings there too. But I am unable to figure out <br> what really went wrong. <br> <br> One more thing, while setting aaa-ldap extension, since it threw error <br> on user DN, did not properly recognise, I used "anonymous", also did not <br> perform the Login Test. Are these the root cause? <br> </blockquote> Yes, it is root cause. Active directory usually has anonymous bind disabled. You can enter UPN instead of DN, if you want. In your case it will be something like <a class="moz-txt-link-abbreviated" href="mailto:vdiadmin@rvce.in">vdiadmin@rvce.in</a>. Please note that AD usually use CN attribute in DN, not uid attribute, that may be the problem in your DN. <br> <blockquote type="cite">-- <br> <br> Thanks & Regards, <br> <br> <br> Anantha Raghava <br> <br> eXza Technology Consulting & Services <br> <br> <br> <br> Do not print this e-mail unless required. Save Paper & trees. <br> <br> On Wednesday 28 September 2016 12:18 PM, Ondra Machacek wrote: <br> <blockquote type="cite">On 09/28/2016 05:25 AM, Anantha Raghava wrote: <br> <blockquote type="cite">Hi, <br> <br> I am trying to integrate the oVirt Engine with Active Directory to <br> enable user logins. I installed the ovirt ldap extension and executed <br> the setup. The process completed successfully and the profile is visible <br> in engine log in page. <br> </blockquote> Most probably it wasn't successful, because as you can see in <br> screenshot there is no 'namespace', you should see there something, if <br> configuration is correct. <br> <br> Can you please send output of the following command? <br> <br> $ ovirt-engine-extensions-tool --log-level=FINEST <br> --log-file=/tmp/aaa.log aaa search --extension-name=domain-authz <br> <br> There should be some ERROR or WARN. <br> <br> Thanks. <br> <br> <blockquote type="cite">Now, when I try to add the user and assign the roles, it is not allowing <br> me to browse through the profile & the user list. Infact the "GO" button <br> gets deactivated as shown in the screenshot. <br> <br> How do I set this right and get the user list? <br> <br> -- <br> <br> Thanks & Regards, <br> <br> <br> Anantha Raghava <br> <br> eXza Technology Consulting & Services <br> <br> <br> Do not print this e-mail unless required. Save Paper & trees. <br> <br> <br> <br> _______________________________________________ <br> Users mailing list <br> <a class="moz-txt-link-abbreviated" href="mailto:Users@ovirt.org">Users@ovirt.org</a> <br> <a class="moz-txt-link-freetext" href="http://lists.ovirt.org/mailman/listinfo/users">http://lists.ovirt.org/mailman/listinfo/users</a> <br> <br> </blockquote> </blockquote> </blockquote> </blockquote> </blockquote> </blockquote> <br> </blockquote> <br> </blockquote> <br> </blockquote> </blockquote> <br> </body> </html> --------------834EC06451ACB404FC8221BF--
participants (2)
-
Anantha Raghava -
Ondra Machacek