[Users] LDAP
Yair Zaslavsky
yzaslavs at redhat.com
Thu Feb 23 07:33:59 UTC 2012
On 02/23/2012 09:20 AM, Itamar Heim wrote:
> On 02/22/2012 11:02 PM, Nathan Stratton wrote:
>>
>> On Wed, 22 Feb 2012, Oved Ourfalli wrote:
>>
>>> Hey,
>>>
>>> This error usually happens where there is no krb5.conf file, or there
>>> is one, but your domain isn't in that.
>>> The krb5.conf file should be located in
>>> $JBOSS_HOME/standalone/configuration directory.
>>
>> Ya, I gave up on the 389/Kerberos, looking at FreeIPA now.
>>
>> BTW, why can't we just use LDAP???
>
> well, this goes to history, as ovirt was ported from a C# solution
> focused that evolved to server virtualization from VDI (virtual desktops).
> virtual desktops were mostly windows.
> so integration with AD was a must, and was based on kerberos (in C#)
> java port first supported backward compatibility.
> nothing prevents adding LDAP support, but it probably requires
> supporting multiple LDAP redundant servers and SSL.
>
> btw, the code for basic LDAP (WITHOUT SECURITY) may still work, if you
> change the authentication type to "SIMPLE".
> but it is never discussed as a deployment option, as it is not secure.
But what about schema differentiation?
> _______________________________________________
> Users mailing list
> Users at ovirt.org
> http://lists.ovirt.org/mailman/listinfo/users
More information about the Users
mailing list