[Users] OpenLDAP Simple Authentication in Ovirt Engine
Oved Ourfalli
ovedo at redhat.com
Sun Dec 2 06:10:47 UTC 2012
----- Original Message -----
> From: "Thierry Kauffmann" <thierry.kauffmann at univ-montp2.fr>
> To: "cristi falcas" <cristi.falcas at gmail.com>
> Cc: users at ovirt.org
> Sent: Saturday, December 1, 2012 5:56:14 PM
> Subject: [Users] OpenLDAP Simple Authentication in Ovirt Engine
>
>
>
>
>
>
> Hi,
>
> I am currently testing Ovirt 3.1 standalone on Fedora 17.
>
> Until now, I could only use the default user admin at internal.
>
> Our Directory at the University is OpenLDAP. We use it for
> authentication
> WITHOUT Kerberos : Simple authentication.
>
> I wonder how to use this backend to authenticate users and manage
> groups
> in Ovirt.
>
> Has anyone already set this up ?
> How to configure Ovirt to use Simple Authentication (No Kerberos).
>
> Cheers,
>
> --
> Thierry Kauffmann
> Chef du Service Informatique // Facult? des Sciences // Universit? de
> Montpellier 2
>
> [image: SIF - Service Informatique de la Facult? des Sciences]
> <http://sif.info-ufr.univ-montp2.fr/> [image:
> UM2 - Universit? de Montpellier 2] <http://www.univ-montp2.fr/>
> Service
> informatique de la Facult? des Sciences (SIF)
> Universit? de Montpellier 2
> CC437 // Place Eug?ne Bataillon // 34095 Montpellier Cedex 5
>
> T?l : 04 67 14 31 58
> email : thierry.kauffmann at univ-montp2.fr web :
> http://sif.info-ufr.univ-montp2.fr/
> http://www.fdsweb.univ-montp2.fr/
> _______________________________________________
> Users mailing list Users at ovirt.org
> http://lists.ovirt.org/mailman/listinfo/users Hi,
>
> This is a response from an older thread from Yair Zaslavsky:
>
> " there is no code allowing to add simple-authentication domains to
> Manage-Domains.
> In the past we did have the ability to do that, but there are several
> problematic issues."
>
> Best regards, Hi,
>
> correct-me if I am wrong but this wiki page (
> http://www.ovirt.org/DomainInfrastructure ) states clearly :
>
>
>
>
>
> 1. Authenticating Active Directory, IPA and RHDS using either
> simple or gssapi authentication
> 2. Querying the directory using the LDAP protocol
> 3. Auto deducing the LDAP provider type
> 4. Easily adding new LDAP provider types
> 5. Easily adding new query types
>
> So what ?
>
We supported simple authentication in the past, but it is no longer supported, that's why you can't set that using the manage domains utility.
It may work well in some providers (in the past we supported that for active directory, so I guess it would work there).
We also don't auto deduce the LDAP provider type anymore, as changes in the providers caused some issues with it.
I'll edit the wiki accordingly (btw, I remember removing it from the wiki... so it is weird that it is still there...).
Oved
>
> --
> signature-TK Thierry Kauffmann
> Chef du Service Informatique // Faculté des Sciences // Université de
> Montpellier 2
>
>
> SIF - Service Informatique de la Faculté
> des Sciences UM2 -
> Université de Montpellier 2 Service informatique de
> la Faculté des Sciences (SIF)
> Université de Montpellier 2
> CC437 // Place Eugène Bataillon // 34095 Montpellier Cedex 5
>
> Tél : 04 67 14 31 58
> email : thierry.kauffmann at univ-montp2.fr
> web : http://sif.info-ufr.univ-montp2.fr/
> http://www.fdsweb.univ-montp2.fr/
>
> _______________________________________________
> Users mailing list
> Users at ovirt.org
> http://lists.ovirt.org/mailman/listinfo/users
>
More information about the Users
mailing list