[Users] OpenLDAP Simple Authentication in Ovirt Engine
Itamar Heim
iheim at redhat.com
Mon Dec 3 23:47:52 UTC 2012
On 12/02/2012 08:10 AM, Oved Ourfalli wrote:
>
>
> ----- Original Message -----
>> From: "Thierry Kauffmann" <thierry.kauffmann at univ-montp2.fr>
>> To: "cristi falcas" <cristi.falcas at gmail.com>
>> Cc: users at ovirt.org
>> Sent: Saturday, December 1, 2012 5:56:14 PM
>> Subject: [Users] OpenLDAP Simple Authentication in Ovirt Engine
>>
>>
>>
>>
>>
>>
>> Hi,
>>
>> I am currently testing Ovirt 3.1 standalone on Fedora 17.
>>
>> Until now, I could only use the default user admin at internal.
>>
>> Our Directory at the University is OpenLDAP. We use it for
>> authentication
>> WITHOUT Kerberos : Simple authentication.
>>
>> I wonder how to use this backend to authenticate users and manage
>> groups
>> in Ovirt.
>>
>> Has anyone already set this up ?
>> How to configure Ovirt to use Simple Authentication (No Kerberos).
>>
>> Cheers,
>>
>> --
>> Thierry Kauffmann
>> Chef du Service Informatique // Facult? des Sciences // Universit? de
>> Montpellier 2
>>
>> [image: SIF - Service Informatique de la Facult? des Sciences]
>> <http://sif.info-ufr.univ-montp2.fr/> [image:
>> UM2 - Universit? de Montpellier 2] <http://www.univ-montp2.fr/>
>> Service
>> informatique de la Facult? des Sciences (SIF)
>> Universit? de Montpellier 2
>> CC437 // Place Eug?ne Bataillon // 34095 Montpellier Cedex 5
>>
>> T?l : 04 67 14 31 58
>> email : thierry.kauffmann at univ-montp2.fr web :
>> http://sif.info-ufr.univ-montp2.fr/
>> http://www.fdsweb.univ-montp2.fr/
>> _______________________________________________
>> Users mailing list Users at ovirt.org
>> http://lists.ovirt.org/mailman/listinfo/users Hi,
>>
>> This is a response from an older thread from Yair Zaslavsky:
>>
>> " there is no code allowing to add simple-authentication domains to
>> Manage-Domains.
>> In the past we did have the ability to do that, but there are several
>> problematic issues."
>>
>> Best regards, Hi,
>>
>> correct-me if I am wrong but this wiki page (
>> http://www.ovirt.org/DomainInfrastructure ) states clearly :
>>
>>
>>
>>
>>
>> 1. Authenticating Active Directory, IPA and RHDS using either
>> simple or gssapi authentication
>> 2. Querying the directory using the LDAP protocol
>> 3. Auto deducing the LDAP provider type
>> 4. Easily adding new LDAP provider types
>> 5. Easily adding new query types
>>
>> So what ?
>>
> We supported simple authentication in the past, but it is no longer supported, that's why you can't set that using the manage domains utility.
> It may work well in some providers (in the past we supported that for active directory, so I guess it would work there).
I don't think we removed SIMPLE from the engine, we just don't recommend
using it, since it doesn't encrypt user/password on the network (it is
sometime useful for debugging).
>
> We also don't auto deduce the LDAP provider type anymore, as changes in the providers caused some issues with it.
>
> I'll edit the wiki accordingly (btw, I remember removing it from the wiki... so it is weird that it is still there...).
>
> Oved
>
>>
>> --
>> signature-TK Thierry Kauffmann
>> Chef du Service Informatique // Faculté des Sciences // Université de
>> Montpellier 2
>>
>>
>> SIF - Service Informatique de la Faculté
>> des Sciences UM2 -
>> Université de Montpellier 2 Service informatique de
>> la Faculté des Sciences (SIF)
>> Université de Montpellier 2
>> CC437 // Place Eugène Bataillon // 34095 Montpellier Cedex 5
>>
>> Tél : 04 67 14 31 58
>> email : thierry.kauffmann at univ-montp2.fr
>> web : http://sif.info-ufr.univ-montp2.fr/
>> http://www.fdsweb.univ-montp2.fr/
>>
>> _______________________________________________
>> Users mailing list
>> Users at ovirt.org
>> http://lists.ovirt.org/mailman/listinfo/users
>>
> _______________________________________________
> Users mailing list
> Users at ovirt.org
> http://lists.ovirt.org/mailman/listinfo/users
>
More information about the Users
mailing list