[Users] Ovirt 3.1 and Samba4 AD
Alejandro
aescanero at gmail.com
Tue Nov 13 13:53:24 UTC 2012
I'm triing to use Samba4rc5 like autenticator for Ovirt 3.1.0-3.26
First problem is Ovirt is user usernameprincipal (login at domain in place of
login) to autenticate with Samba4, But samba4 don't use it.
I use
engine-manage-domains -action=add -domain=DOMAINFQDN -user=LOGIN
-provider=ActiveDirectory -interactive -addPermissions
And the result is:
No user in Directory was found for LOGIN at DOMAINFQDN. Trying next LDAP
server in list
Failure while testing domain DOMAINFQDN. Details: No user information was
found for user
And the Samba4 give me:
filter=(&(sAMAccountType=805306368)(userPrincipalName=LOGIN at DOMAINFQDN))
But no userPrincipalName is configured in any user.
Actual Solution: I add a userPrincipalName LOGIN at DOMAINFQDN in the LOGIN
account (using a ldap tool) and add the ovirt machine to the domain.
After restart the ovirt engine I go to the UserPortal.
I find now other problem, the user isn't search by the Common Name (cn), a
example of search
filter=(&(sAMAccountType=805306368)(|(givenname=TESTLOGIN)(sn=TESTLOGIN)(samaccountname=TESTLOGIN)(userPrincipalName=TESTLOGIN)))
must be
filter=(&(sAMAccountType=805306368)(|(givenname=TESTLOGIN)(cn=TESTLOGIN)(sn=TESTLOGIN)(samaccountname=TESTLOGIN)(userPrincipalName=TESTLOGIN)))
Thanks for all
--
Alejandro Escanero Blanco
Consultor de sistemas basados en fuentes abiertas
Desarrollador de FusionDirectory (http://www.fusiondirectory.org)
Blog: http://www.disasterproject.com
Jabber: blainett at jabberes.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ovirt.org/pipermail/users/attachments/20121113/e70ab554/attachment-0001.html>
More information about the Users
mailing list