[ovirt-users] Errors while trying to join an external LDPA provider

Ondra Machacek omachace at redhat.com
Tue May 3 09:19:28 UTC 2016


On 05/03/2016 11:03 AM, Alexis HAUSER wrote:
>
>>> However, I can't login with any user...But with ldapsearch I can find those users with uid=user
>>>
>>> I used ovirt-engine-extensions-tool aaa login-user  --profile=xxx --user-name=xxx
>>> and I realize now what is the problem : the available namespaces shows the wrong dn. It should be instead one level >above (or it will not possible to find the users)
>>>
>>> Any idea how I can change that in the configuration ?
>>>
>
>> You can specify custom base DN, which overrides the one which is
>> automatically resolved if
>> you add following lines into /etc/ovirt-engine/aaa/your_profile.properties:
>>
>>  sequence-init.init.100-my-basedn-init-vars = my-basedn-init
>>  sequence.my-basedn-init.010.description = set custom baseDN
>>  sequence.my-basedn-init.010.type = var-set
>>  sequence.my-basedn-init.010.var-set.variable = simple_baseDN
>>  sequence.my-basedn-init.010.var-set.value = dc=your,dc=different,dc=dn
>
> Thank you, now I see the correct namespace shown, but still no way to login with any user...Any idea ?
>

Hard to say without logs, can you please share log output of 
ovirt-engine-extensions-tool?
Please run it with:
  ovirt-engine-extensions-tool --log-level=FINEST --log-file=output.log 
aaa login-user  --profile=xxx --user-name=xxx



More information about the Users mailing list