[Users] 3.2 beta and IPA domain question

Tim Hildred thildred at redhat.com
Tue Feb 5 01:25:18 UTC 2013 

> After "Users from this domain can be granted permissions from the Web
> administration interface." Maybe we should add "or the domain should
> be added/editted with the -addPermissions option".
> 
> What do you think?

I think that, by the time this message is shown, the domain has been added. No point in telling about how the domain _could_ have been added. Something like 
"Users from this domain can be granted permissions from the Web administration interface, or by passing the -addPermissions flag to engine-manage-domains."


Tim Hildred, RHCE
Content Author II - Engineering Content Services, Red Hat, Inc.
Brisbane, Australia
Email: thildred at redhat.com
Internal: 8588287
Mobile: +61 4 666 25242
IRC: thildred

----- Original Message -----
> From: "Yair Zaslavsky" <yzaslavs at redhat.com>
> To: "Gianluca Cecchi" <gianluca.cecchi at gmail.com>
> Cc: "users" <users at ovirt.org>
> Sent: Sunday, February 3, 2013 4:13:58 PM
> Subject: Re: [Users] 3.2 beta and IPA domain question
> 
> A question about this -
> Do you think the message printed to the user (after the domain is
> added without -addPermissions) should be extended and have addition
> line like
> 
> After "Users from this domain can be granted permissions from the Web
> administration interface." Maybe we should add "or the domain should
> be added/editted with the -addPermissions option".
> 
> What do you think?
> 
> 
> ----- Original Message -----
> > From: "Gianluca Cecchi" <gianluca.cecchi at gmail.com>
> > To: "users" <users at ovirt.org>
> > Sent: Saturday, February 2, 2013 1:22:15 AM
> > Subject: [Users] 3.2 beta and IPA domain question
> > 
> > Hello,
> > I seem to remember in RHEV 3.0 that when you configured an IPA
> > domain,
> > its admin was automatically configured as an admin for RHEV itself.
> > Is it true and in case does remain true for oVirt?
> > 
> > I configured IPA as shipped on CentOS 6.3+updates
> > ipa-server-2.2.0-17.el6_3.1.x86_64
> > 
> > I successfully added it to y oVirt 3.2 beta setup
> > 
> > [root at f18engine ~]# engine-manage-domains -action=add
> > -domain=LOCALDOMAIN.LOCAL -user=admin -provider=IPA -interactive
> > Enter password:
> > 
> > The domain localdomain.local has been added to the engine as an
> > authentication source but no users from that domain have been
> > granted
> > permissions within the oVirt Manager.
> > Users from this domain can be granted permissions from the Web
> > administration interface.
> > oVirt Engine restart is required in order for the changes to take
> > place (service ovirt-engine restart).
> > Manage Domains completed successfully
> > 
> > Then
> > [root at f18engine ~]# systemctl try-restart ovirt-engine.service
> > [root at f18engine ~]# systemctl status ovirt-engine.service
> > ovirt-engine.service - oVirt Engine
> >  Loaded: loaded (/usr/lib/systemd/system/ovirt-engine.service;
> >  enabled)
> >  Active: active (running) since Sat 2013-02-02 00:10:29 CET; 10s
> >  ago
> > Process: 32512 ExecStop=/usr/bin/engine-service stop (code=exited,
> > status=0/SUCCESS)
> > Process: 32520 ExecStart=/usr/bin/engine-service start
> > (code=exited,
> > status=0/SUCCESS)
> > Main PID: 32521 (java)
> >  CGroup: name=systemd:/system/ovirt-engine.service
> >  └─32521 engine-service -server -XX:+TieredCompilation -Xms1g
> >  -Xmx1g
> > -XX:PermSize=256m -XX:MaxPe...
> > 
> > Feb 02 00:10:28 f18engine.localdomain.local systemd[1]: Starting
> > oVirt Engine...
> > Feb 02 00:10:29 f18engine.localdomain.local engine-service[32520]:
> > Started engine process 32521.
> > Feb 02 00:10:29 f18engine.localdomain.local engine-service[32520]:
> > Starting engine-service: [  OK  ]
> > Feb 02 00:10:29 f18engine.localdomain.local systemd[1]: Started
> > oVirt
> > Engine.
> > 
> > 
> > Now from web admin portal I can choose the "localdomain.local"
> > domain
> > in drop down menu.
> > But when I try to enter the webadmin portal I get:
> > 
> > User is not authorized to perform this action.
> > 
> > 
> > Do I need to grant IPA admin user from internal admin before, or
> > should it just work?
> > 
> > Gianluca
> > _______________________________________________
> > Users mailing list
> > Users at ovirt.org
> > http://lists.ovirt.org/mailman/listinfo/users
> >
> _______________________________________________
> Users mailing list
> Users at ovirt.org
> http://lists.ovirt.org/mailman/listinfo/users
>

More information about the Users mailing list