[ovirt-users] Extension aaa: No search for principal

Alon Bar-Lev alonbl at redhat.com
Tue Sep 15 20:54:52 UTC 2015



----- Original Message -----
> From: "Daniel Helgenberger" <daniel.helgenberger at m-box.de>
> To: "Alon Bar-Lev" <alonbl at redhat.com>
> Cc: Users at ovirt.org
> Sent: Tuesday, September 15, 2015 11:09:45 PM
> Subject: Re: [ovirt-users] Extension aaa: No search for principal
> 
> I think I did find the issue here;
> 
> my domain is named int.corp.com
> 
> I have defined several UPN aliases and our real world users do use the UPN
> @corp.com.
> 
> Using some internal user with UPN int.corp.com the authentication works as
> expected; while my real world users fail.
> 
> I tried to create a new profile for that; but it fails to load off course
> because the domain corp.com cannot be connected.
> 

the user is upn, users should specify their full upn if this non default domain suffix.

you do not need a new profile.

in your case it would probably be user1 at corp.com for user1.



More information about the Users mailing list