[ovirt-users] oVirt 3.5 and FreeIpa
Marcelo Donato
donato at din.uem.br
Fri Oct 31 13:47:12 UTC 2014
Below the solution. Resolved By "Alon Bar-Lev" <alonbl at redhat.com>
1. install ovirt-engine-extension-aaa-ldap, it is available in
ovirt-3.5-snapshots repository.
2. create /etc/ovirt-engine/extensions.d/din.intranet-authz.properties
ovirt.engine.extension.name = din-intranet-authz
ovirt.engine.extension.bindings.method = jbossmodule
ovirt.engine.extension.binding.jbossmodule.module =
org.ovirt.engine-extensions.aaa.ldap
ovirt.engine.extension.binding.jbossmodule.class =
org.ovirt.engineextensions.aaa.ldap.AuthzExtension
ovirt.engine.extension.provides = org.ovirt.engine.api.extensions.aaa.Authz
config.profile.file.1 = /etc/ovirt-engine/aaa/din.intranet.properties
3. create /etc/ovirt-engine/extensions.d/din.intranet-authn.properties
ovirt.engine.extension.name = din-intranet-authn
ovirt.engine.extension.bindings.method = jbossmodule
ovirt.engine.extension.binding.jbossmodule.module =
org.ovirt.engine-extensions.aaa.ldap
ovirt.engine.extension.binding.jbossmodule.class =
org.ovirt.engineextensions.aaa.ldap.AuthnExtension
ovirt.engine.extension.provides = org.ovirt.engine.api.extensions.aaa.Authn
ovirt.engine.aaa.authn.profile.name = din.intranet
ovirt.engine.aaa.authn.authz.plugin = din-intranet-authz
config.profile.file.1 = /etc/ovirt-engine/aaa/din.intranet.properties
4. create /etc/ovirt-engine/aaa/din.intranet.properties
include = <ipa.properties>
vars.user = uid=admin,cn=users,cn=accounts,dc=din,dc=intranet
vars.password = 123456
vars.server = ipa1.din.intranet
pool.default.serverset.single.server = ${global:vars.server}
pool.default.auth.simple.bindDN = ${global:vars.user}
pool.default.auth.simple.password = ${global:vars.password}
5. restart engine.
Thanks a lot Alon.
--
Ao encaminhar esta mensagem, por favor:
1. Apague o meu e-mail e o meu nome.
2. Apague também os endereços dos amigos antes de reenviar
3. Use Cco ou Bcc para enviar mensagens!
Dificulte a disseminação de vírus e spam.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ovirt.org/pipermail/users/attachments/20141031/07ef7b7e/attachment-0001.html>
More information about the Users
mailing list