[ovirt-users] aaa-LDAP schema selection

Alon Bar-Lev alonbl at redhat.com
Thu Dec 24 06:08:43 UTC 2015


Hi,

Of course only OpenLDAP schamas are to be considered.

In most cases it is sufficient to check if user is of uidObject object class which means that you use openldap scehma or posixAccount which means that you are using rfc2307.

Regards,
Alon

----- Original Message -----
> From: "Jamie Lawrence" <jlawrence at squaretrade.com>
> To: "users" <users at ovirt.org>
> Sent: Thursday, December 24, 2015 3:06:56 AM
> Subject: [ovirt-users] aaa-LDAP schema selection
> 
> Hello all,
> 
> I’d like to get the LDAP plugin working. We have a lovely LDAP setup deployed
> (OpenLDAP), and nobody here has a clue how to map what we have to the
> options the installer presents.
> 
> Well, a clue, yes.
> 
> We include the core, cosine, nis, inetorgperson and misc schemas in the
> config.
> 
> The RHDS, 389, AD, IPA and Novell options are eliminated because we aren’t
> running any of that. I eliminated ‘RFC-2307 Schema (Generic)’ by finding
> attributes not included in the RFC, but added by OpenLDAP.
> 
> Assuming what we are running maps to any of them, one of the  ‘OpenLDAP
> [RFC-2307|Standard] Schema' seem likely.
> 
> Does anyone know of a test (attribute that should be in one, or not in
> another, or some such) to figure this out? Can it be inferred from my schema
> includes (listed above)? I fear that determining this via process of
> elimination is going to be brutal due to difficult-to-replicate weirdness
> because of only minor differences, and the fact that there are other moving
> parts at the moment with this setup.
> 
> And to those who enjoy them, happy holidays.
> 
> -j
> _______________________________________________
> Users mailing list
> Users at ovirt.org
> http://lists.ovirt.org/mailman/listinfo/users
> 



More information about the Users mailing list