[Users] Ovirt 3.1 and Samba4 AD

Charlie medievalist at gmail.com
Wed Nov 14 16:41:42 UTC 2012


The domainInfrastructure wiki page is helpful.  The examples are
great.  It has enough information to understand how oVirt formats an
LDAP filter string, for example, which is very important.  The
constant use of the word "domain" is confusing, though.

People outside the Microsoft world don't know that Microsoft
documentation uses three different definitions of domain, sometimes in
the same document.  Most people will probably just assume you mean an
IANA domain.

I've worked with LDAP for over ten years, and I read the oVirt
domainInfrastructure page three or four times but I still couldn't
figure out why it kept talking about domains and LDAP at the same time
until I took a week of AD classes and studied a couple of O'Reilly AD
books.

For example, when the oVirt wiki talks about "root DSE for domain" it
doesn't make sense to anyone who isn't already familiar with AD.  A
rootDSE describes the configuration of a DSA instance (LDAP server
daemon) as defined in RFC4512 section 5.1, and doesn't have anything
to do with domains.  The word domain does not occur in RFC4512 or
RFC2251 at all.  The page doesn't explain why oVirt needs a domain and
a root DSE to have any special relationship.  ISPs load information
for hundreds of IANA domains under a single root DSE and it's not a
problem; I've done five domains in one DSA under one root DSE.

If there was an oVirt wiki page called LDAP or
DirectoryInfrastructure, that page could explain if domains really
need to be part of oVirt, and if so which kind of domain, and then
link the current domainInfrastructure page.  Or it could link a
separate page for each directory supported by oVirt, and the current
domainInfrastructure page could become an activeDirectory page and
retain all the AD-specific language.

--Charlie

On Wed, Nov 14, 2012 at 8:50 AM, Oved Ourfalli <ovedo at redhat.com> wrote:
>
>
> ----- Original Message -----
>> From: "Jiri Belka" <jbelka at redhat.com>
>> To: users at ovirt.org
>> Sent: Wednesday, November 14, 2012 9:30:39 AM
>> Subject: Re: [Users] Ovirt 3.1 and Samba4 AD
>>
>> On 11/13/2012 09:40 PM, Charlie wrote:
>> > I would like to help oVirt gain compatibility with standards-based
>> > services like OpenLDAP, but the code's in a language I haven't used
>> > and a version control system I haven't used and the wiki has no
>> > LDAP
>> > interaction design documents (other than the sources themselves)
>> > and
>> > I've got very limited free time, all of which makes it hard to
>> > contribute.
>>
>> +1
>>
>
> We do have some wiki pages that can be useful to set up a development environment, like:
> http://wiki.ovirt.org/wiki/Working_with_oVirt_Gerrit
> http://wiki.ovirt.org/wiki/Building_oVirt_engine
>
> Architecture page:
> http://wiki.ovirt.org/wiki/Architecture
>
> And specifically, there is a wiki page on the LDAP infrastructure, that can give a clue on what entities we have there, and how to work with them:
> http://wiki.ovirt.org/wiki/DomainInfrastructure
>
>> --
>>
>> Jiri Belka
>> jbelka at redhat.com
>> _______________________________________________
>> Users mailing list
>> Users at ovirt.org
>> http://lists.ovirt.org/mailman/listinfo/users
>>



More information about the Users mailing list