[Users] Restirct list of AD servers
Yair Zaslavsky
yzaslavs at redhat.com
Mon Feb 18 13:37:28 UTC 2013
Will -ldapServers option help you ?
It allows you to set an LDAP servers per domain, and modified the krb5.conf file accordingly, under the assumption that the ldap server also serves as KDC.
Yair
----- Original Message -----
> From: "Keith Mitchell" <kamitch at cisco.com>
> To: users at ovirt.org
> Sent: Monday, February 18, 2013 3:21:51 PM
> Subject: [Users] Restirct list of AD servers
>
> I have a situation where the Active Directory domain I am trying to
> use
> as authentication for ovirt lists many servers all around the world.
>
> But... my server running ovirt is sitting behind a firewall that
> doesn't
> allow me to access all of them... only the local ones. We do have a
> "locater dns record" which we can query at a well known name and it
> will
> always return the local ip address of the AD server... but if you
> query
> the SRV records for the domain it will return all of the servers.
>
> I was able to add the domain using engine-manage-domains, and I
> tweaked
> the /etc/ovirt-engine/krb5.conf to only include the local AD servers
> where we can access, but that doesn't seem to be sufficient.
>
> Not sure if ovirt is querying the dns records on boot to get the list
> of
> servers to talk to or not, but it doesn't seem to be using
> /etc/ovirt-engine/krb.conf for this purpose.
>
> So... is there anyway to manually force it to use a certain server
> and
> not have it query dns?
>
> thanks.
> _______________________________________________
> Users mailing list
> Users at ovirt.org
> http://lists.ovirt.org/mailman/listinfo/users
>
More information about the Users
mailing list