[ovirt-users] adding machine to openldap + kerberos with a keytab

Yair Zaslavsky yzaslavs at redhat.com
Wed Sep 10 23:28:19 UTC 2014



----- Original Message -----
> From: "William Law" <wlaw at stanford.edu>
> To: "Yair Zaslavsky" <yzaslavs at redhat.com>
> Cc: "users" <users at ovirt.org>
> Sent: Thursday, September 11, 2014 2:11:08 AM
> Subject: Re: [ovirt-users] adding machine to openldap + kerberos with a keytab
> 
> OK, thanks.  Is there a way to perform it without manage-domains currently or
> in 3.5?

in 3.5  - you can add new authn (authentication) and authz (authorization) providers by using configuration files.

> 
> Regards,
> 
> Will
> 
> On Sep 10, 2014, at 4:07 PM, Yair Zaslavsky <yzaslavs at redhat.com> wrote:
> 
> > 
> > 
> > ----- Original Message -----
> >> From: "William Law" <wlaw at stanford.edu>
> >> To: "users" <users at ovirt.org>
> >> Sent: Thursday, September 11, 2014 1:53:04 AM
> >> Subject: [ovirt-users] adding machine to openldap + kerberos with a keytab
> >> 
> >> Hi,
> >> 
> >> When I try to use engine-manage-domains it seems to expect an account to
> >> sign
> >> in with.  Is there any way to use a key tab?  It seems like it does all
> >> this
> >> under the surface eventually; I'd just like to do it up front.
> >> 
> >> Even a pointer to "manual" adding instructions would be very helpful.
> >> 
> >> Thanks,
> >> 
> >> Will
> > 
> > Hi Will,
> > No way to perform this with manage domains at the moment.
> > 
> > Not sure if we will invest in this, as in oVirt 3.5 we introduce a
> > pluggable architecture for AAA, based on extensions + configuration files
> > managed-domains should be used to support existing setups that will undergo
> > upgrade to 3.5 (or of course, will remain in their current versions).
> > 
> >> _______________________________________________
> >> Users mailing list
> >> Users at ovirt.org
> >> http://lists.ovirt.org/mailman/listinfo/users
> >> 
> 
> 
> 



More information about the Users mailing list