[Users] LDAP
Nathan Stratton
nathan at robotics.net
Fri Feb 24 18:59:12 UTC 2012
On Fri, 24 Feb 2012, Yair Zaslavsky wrote:
> Hi Nathan,
>
> I think you're using the wrong query with IPA.
Yep, but so far I have not found how to fix ovirt to use the correct one.
> the part of samaccounttype=805306368 should be replaced with
> objectClass=krbPrincipalAux
> the part of userprincipalname should be replaced with -
>
> krbPrincipalName=nathan at BBLINKMIND.NET
>
> So I guess the filter should look like -
> (&(objectClass=krbPrincipalAux)(krbPrincipalName=nathan at BBLINKMIND.NET))
Yes, I understand the query is wrong, what I don't understand is how to
make ovirt use the correct query. I started working trying to get LDAP to
work with my OpenLDAP system and was told that ovirt does not yet support
it. I asked what was supported and was told to try 389, but ran into
issues with that so then I was asked to try IPA and now have this issue.
> I did not develop the IPA support, however, I checked the file -
> LdapQueryMetadataFactoryImpl.java and found definitions of the queries
> for the different providers - what you will see there is that each LDAP
> provider has its own map of keys to queries - the relevant key is
> LdapQueryType.getUserByPrincipalName - so you can see how it is defined
> in adHashMap and how it is defined in ipaHashMap, and other maps (dsMap
> , for instance).
I don't have that .java file, I do have the .class. I am new to Java, how
do I go about modifying ovirt to use the correct query?
><>
Nathan Stratton CTO, BlinkMind, Inc.
nathan at robotics.net nathan at blinkmind.com
http://www.robotics.net http://www.blinkmind.com
More information about the Users
mailing list