[ovirt-users] Disable admin at internal account
Jorick Astrego
j.astrego at netbulae.eu
Wed Apr 15 10:30:29 UTC 2015
On 04/15/2015 12:08 PM, Николаев Алексей wrote:
> Hi community!
>
> The Red_Hat_Enterprise_Virtualization-3.5-Administration_Guide says
> how to add users from external directory.
> But now i want to disable admin at internal
> <mailto:admin at internal> account for security reasons and use it only
> for disaster recovery situations (or then ldaps servers not
> available). Can i do it?
>
> What are best practises for use only external directory?
> If i delete admin at internal <mailto:admin at internal> account can i add
> it again?
>
>
> _______________________________________________
> Users mailing list
> Users at ovirt.org
> http://lists.ovirt.org/mailman/listinfo/users
Should be possible last time I asked, see response below:
Subject: Re: [ovirt-users] oVirt 3.5 and FreeIpa
Date: Thu, 22 Jan 2015 06:59:52 -0500 (EST)
From: Alon Bar-Lev <alonbl at redhat.com>
To: Jorick Astrego <j.astrego at netbulae.eu>
CC: users at ovirt.org
<snip>
Also can we get rid of the internal admin or better just disable
internal authenticationt without problems? As we have ipa we don't want
local login enabled, but in emergency situations we might need to turn
it on quickly.
Yes, you can disable the internal by creating /etc/ovirt-engine/engine.conf.d/50-disable-internal.conf
---
ENGINE_EXTENSION_ENABLED_builtin-authn-internal = false
---
Hmmm.... we have a bug in this case... will fix, so let's just disable the authz for now.
---
ENGINE_EXTENSION_ENABLED_internal = false
Met vriendelijke groet, With kind regards,
Jorick Astrego
Netbulae Virtualization Experts
----------------
Tel: 053 20 30 270 info at netbulae.eu Staalsteden 4-3A KvK 08198180
Fax: 053 20 30 271 www.netbulae.eu 7547 TA Enschede BTW NL821234584B01
----------------
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ovirt.org/pipermail/users/attachments/20150415/d3fda1ba/attachment-0001.html>
More information about the Users
mailing list