[Users] call for suggests on oVirt authentication back-end (directory service, etc.)
Itamar Heim
iheim at redhat.com
Wed Oct 10 10:13:34 UTC 2012
On 10/09/2012 03:56 PM, Alan Johnson wrote:
> Thanks to Tim Hildred, I found out about the need to have a directory
> server. Before I embark on this path, I thought I could ping the
> community to get a since for what is common, easy, and/or available to
> best suit our wants.
>
> First, what's the easiest one to setup and use? Something with a simple
> GUI would be desirable: a webmin module perhaps?
>
> Most ideal would be something that is in line with our desire to move
> towards single sign on, ultimately authenticating against Google Apps.
> Does Google provide something supported? Is there something that can
> proxy google apps auth to an oVirt supported protocol?
>
> Alternately, we have an LDAP server, but it does NOT store passwords,
> and as such, does not provide authentication for anything. Will oVirt
> store passwords for users created from such an LDAP service, or does
> LDAP need to be the authority as well?
>
> Finally, we also have NIS setup (thought we hope to get away from that
> soon), so some means of authenticating through the systems local PAM
> system would be the next most convenient.
>
> These are just thoughts and I am completely open to suggestions. Thanks
> in advance for any input! =)
in the future, well, everything is possible. for now, your choices are:
freeIPA/IPA
389ds/RHDS
MS AD
Tivoli DS
ovirt does not store passwords (other than for admin at internal)
More information about the Users
mailing list