[ovirt-users] Setting Base DN for LDAP authentication
jdeloro at web.de
jdeloro at web.de
Mon Jan 12 14:16:17 UTC 2015
Hello,
many thanks to Alon! We have a working setup with support for base dn. The special challenge in our setup is the constraint of specifying a base dn for every ldap search and referrals inside the branches that must be processed.
If anyone has the same problem, our working configuration with a slightly newer version of ovirt-engine-extension-aaa-ldap is:
$ cat /etc/ovirt-engine/aaa/company-ldap.properties
include = <rfc2307-openldap.properties>
vars.server = ldap.company.de
vars.user = cn=system,dc=company,dc=de
vars.password = password
pool.default.serverset.single.server = ${global:vars.server}
pool.default.auth.simple.bindDN = ${global:vars.user}
pool.default.auth.simple.password = ${global:vars.password}
sequence-init.init.100-my-basedn-init-vars = my-basedn-init-vars
sequence.my-basedn-init-vars.010.description = set baseDN
sequence.my-basedn-init-vars.010.type = var-set
sequence.my-basedn-init-vars.010.var-set.variable = simple_baseDN
sequence.my-basedn-init-vars.010.var-set.value = dc=company,dc=de
search.default.search-request.derefPolicy = ALWAYS
Best regards
Jannick
More information about the Users
mailing list