[ovirt-users] Setting Base DN for LDAP authentication

jdeloro at web.de jdeloro at web.de
Mon Jan 12 14:16:17 UTC 2015


Hello,

Many thanks to Alon! We have a working setup with support for base DN. The special challenge in our setup is the constraint of specifying a base DN for every LDAP search and referrals inside the branches that must be processed.

If anyone has the same problem, our working configuration with a slightly newer version of ovirt-engine-extension-aaa-ldap is:

$ cat /etc/ovirt-engine/aaa/company-ldap.properties 
include = <rfc2307-openldap.properties>

vars.server = ldap.company.de

vars.user = cn=system,dc=company,dc=de
vars.password = password

pool.default.serverset.single.server = ${global:vars.server}
pool.default.auth.simple.bindDN = ${global:vars.user}
pool.default.auth.simple.password = ${global:vars.password}

sequence-init.init.100-my-basedn-init-vars = my-basedn-init-vars
sequence.my-basedn-init-vars.010.description = set baseDN
sequence.my-basedn-init-vars.010.type = var-set
sequence.my-basedn-init-vars.010.var-set.variable = simple_baseDN
sequence.my-basedn-init-vars.010.var-set.value = dc=company,dc=de

search.default.search-request.derefPolicy = ALWAYS

Best regards

Jannick
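
A pre-deployment check for a profile like the one in the post above, as an added example (not part of the original message and not code from the oVirt project). It expands the `${global:...}` references, confirms that the var-set step for `simple_baseDN` belongs to a sequence listed under `sequence-init.init.*` (an assumption about the wiring, inferred from the posted configuration), and reports when `pool.default.ssl.startTLS` is not enabled; that key comes from the extension's shipped example profiles rather than from the post, and the function names are hypothetical.

```python
import re

# Constructed sample: the profile from the post (placeholder credentials).
PROFILE = """\
vars.server = ldap.company.de
vars.user = cn=system,dc=company,dc=de
vars.password = password
pool.default.serverset.single.server = ${global:vars.server}
pool.default.auth.simple.bindDN = ${global:vars.user}
pool.default.auth.simple.password = ${global:vars.password}
sequence-init.init.100-my-basedn-init-vars = my-basedn-init-vars
sequence.my-basedn-init-vars.010.type = var-set
sequence.my-basedn-init-vars.010.var-set.variable = simple_baseDN
sequence.my-basedn-init-vars.010.var-set.value = dc=company,dc=de
"""

REF = re.compile(r"\$\{global:([^}]+)\}")
# Simplified DN syntax (no escaped commas, no multi-valued RDNs).
DN = re.compile(r"^[A-Za-z][\w-]*=[^,=]+(,[A-Za-z][\w-]*=[^,=]+)*$")
VARSET = re.compile(r"^sequence\.(.+)\.\d+\.var-set\.variable$")

def load_profile(text):
    # Parse "key = value" lines, then expand ${global:key} references.
    props = {}
    for line in text.splitlines():
        if "=" in line and not line.lstrip().startswith("#"):
            key, value = line.split("=", 1)
            props[key.strip()] = value.strip()
    return {k: REF.sub(lambda m: props.get(m.group(1), m.group(0)), v)
            for k, v in props.items()}

def audit(props):
    # Returns (effective base DN or None, list of findings).
    findings, base = [], None
    hooked = {v for k, v in props.items() if k.startswith("sequence-init.init.")}
    for key, value in props.items():
        m = VARSET.match(key)
        if m and value == "simple_baseDN":
            if m.group(1) not in hooked:
                findings.append("sequence %s is not registered in sequence-init" % m.group(1))
                continue
            base = props.get(key[:-len("variable")] + "value")
    if base is None:
        findings.append("simple_baseDN is never set")
    elif not DN.match(base):
        findings.append("simple_baseDN is not a DN: %r" % base)
    if props.get("pool.default.ssl.startTLS", "false").lower() != "true":
        findings.append("pool.default.ssl.startTLS is not enabled for the simple bind")
    return base, findings
```

For the posted profile, `audit(load_profile(PROFILE))` returns the base DN `dc=company,dc=de` and a single finding about startTLS.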


