[ovirt-users] Can not configure with simple LDAP.
Fumihide Tani
RXC05271 at nifty.com
Sun Sep 21 08:11:11 UTC 2014
Hi, Alon
Very thanks for your help.
My problem was solved and the AAA is working now.
I could add LDAP user. :)
Fumihide Tani
(2014/09/21 16:19), Alon Bar-Lev wrote:
>
> ----- Original Message -----
>> From: "Alon Bar-Lev" <alonbl at redhat.com>
>> To: "Fumihide Tani" <RXC05271 at nifty.com>
>> Cc: users at ovirt.org
>> Sent: Sunday, September 21, 2014 10:19:11 AM
>> Subject: Re: [ovirt-users] Can not configure with simple LDAP.
>>
>> Hi,
>>
>> You need to create authz extension as well (authz-company).
>> The configuration you provided is establishing authentication only (authn)
>> which refer to authz-company but you did not add it.
>>
>> The terms are:
>> 1. authn - who the user is.
>> 2. authz - what user is permitted.
>> 3. profile - combination of the two.
>>
>> -----------------------------
>> # vi /etc/ovirt-engine/extensions.d/authz-company.properties
>> ovirt.engine.extension.name = authz-company
>> ovirt.engine.extension.bindings.method = jbossmodule
>> ovirt.engine.extension.binding.jbossmodule.module =
>> org.ovirt.engine-extensions.aaa.ldap
>> ovirt.engine.extension.binding.jbossmodule.class =
>> org.ovirt.engineextensions.aaa.ldap.AuthnExtension
> Sorry:
> org.ovirt.engineextensions.aaa.ldap.AuthzExtension
>> ovirt.engine.extension.provides = org.ovirt.engine.api.extensions.aaa.Authz
>> config.profile.file.1 = /etc/ovirt-engine/aaa/rxc05271.properties
>> --------------------------------------------------
>>
>> Regards,
>> Alon
>
More information about the Users
mailing list