[ovirt-users] How to mapping LDAP users in AAA

lofyer lofyer at gmail.com
Tue Oct 14 06:29:57 UTC 2014


Sun Java Access System Manager


On 14-10-14 at 1:52 PM, Yair Zaslavsky wrote:
>
> ----- Original Message -----
>> From: "lofyer" <lofyer at gmail.com>
>> To: "users" <users at ovirt.org>
>> Sent: Tuesday, October 14, 2014 5:10:56 AM
>> Subject: [ovirt-users] How to mapping LDAP users in AAA
>>
>> I've got an LDAP server without Kerberos and I am trying to integrate
>> its users to oVirt-3.5 with AAA.
>> ==========================
> Which ldap server is that, what vendor?
>
>> /etc/ovirt-engine/aaa/example.properties:
>>
>> include = <openldap.properties>
>>
>> vars.user = cn=directory manager
>> vars.password = mypassword
>> vars.server = example.com
>>
>> #pool.default.ssl.startTLS = false
>> #pool.default.ssl.truststore.file = /etc/ldap_tls/ca_cert.pem
>> #pool.default.ssl.truststore.password = admin
>>
>> pool.default.serverset.single.server = ${global:vars.server}
>> pool.default.auth.simple.bindDN = ${global:vars.user}
>> pool.default.auth.simple.password = ${global:vars.password}
>> ==========================
>>
>> This is my basic LDAP information:
>>
>> ou=Groups
>> |
>> +---- cn=UserGroup1
>> |
>> +---- cn=UserGroup2
>>
>> ou=UserGroup1
>> |
>> +---- cn=user1
>> |
>> +---- cn=user2
>>
>>
>> ou=UserGroup2
>> |
>> +---- cn=user3
>> |
>> +---- cn=user4
>>
>> ==========================
>>
>> Now I can see example.com in web portal but I cannot list users in UG1
>> or UG2.
>>
>> I find that I could map DN, ID NAME, DISPLAY in the config file. What
>> should I add in the config file then?