[ovirt-users] Can not configure with simple LDAP.

[Alon Bar-Lev]

----- Original Message -----
> From: "Fumihide Tani" <RXC05271 at nifty.com>
> To: "Alon Bar-Lev" <alonbl at redhat.com>
> Cc: users at ovirt.org
> Sent: Sunday, September 21, 2014 11:11:11 AM
> Subject: Re: [ovirt-users] Can not configure with simple LDAP.
> 
> Hi, Alon
> 
> Very thanks for your help.
> My problem was solved and the AAA is working now.
> I could add LDAP user. :)

Great.
Can you please send me a patch or modified README to make it better?

Alon

> 
> Fumihide Tani
> 
> (2014/09/21 16:19), Alon Bar-Lev wrote:
> >
> > ----- Original Message -----
> >> From: "Alon Bar-Lev" <alonbl at redhat.com>
> >> To: "Fumihide Tani" <RXC05271 at nifty.com>
> >> Cc: users at ovirt.org
> >> Sent: Sunday, September 21, 2014 10:19:11 AM
> >> Subject: Re: [ovirt-users] Can not configure with simple LDAP.
> >>
> >> Hi,
> >>
> >> You need to create authz extension as well (authz-company).
> >> The configuration you provided is establishing authentication only (authn)
> >> which refer to authz-company but you did not add it.
> >>
> >> The terms are:
> >> 1. authn - who the user is.
> >> 2. authz - what user is permitted.
> >> 3. profile - combination of the two.
> >>
> >> -----------------------------
> >> # vi /etc/ovirt-engine/extensions.d/authz-company.properties
> >> ovirt.engine.extension.name = authz-company
> >> ovirt.engine.extension.bindings.method = jbossmodule
> >> ovirt.engine.extension.binding.jbossmodule.module =
> >> org.ovirt.engine-extensions.aaa.ldap
> >> ovirt.engine.extension.binding.jbossmodule.class =
> >> org.ovirt.engineextensions.aaa.ldap.AuthnExtension
> > Sorry:
> > org.ovirt.engineextensions.aaa.ldap.AuthzExtension
> >> ovirt.engine.extension.provides =
> >> org.ovirt.engine.api.extensions.aaa.Authz
> >> config.profile.file.1 = /etc/ovirt-engine/aaa/rxc05271.properties
> >> --------------------------------------------------
> >>
> >> Regards,
> >> Alon
> >
> 
> 
>