[ovirt-users] Can't perform search after setting up an Active Directory

Ondra Machacek omachace at redhat.com
Tue May 31 13:50:39 UTC 2016

On 05/31/2016 03:29 PM, Alexis HAUSER wrote:
>> Until administrators will fix AD servers, in order to use SSL you can
>> temporarily use following setup:
>> pool.default.serverset.single.server = AD1
>>  pool.default.dc-resolve.enable = false
>>  pool.default.ssl.startTLS = true
>> But this is only temporary solution and you should switch back to
>> 'srvrecord' until AD is fixed.
> Thank you, this actually works. Yes, I'll remove it as soon as possible.
> Now with RHEV + AD, it seems better than RHEV + LDAP for groups : it finds most of the groups a user belongs to. RHEV + LDAP is only able to find one group a user belongs to (which is not the same group found when I search the same user with ldapsearch...Still not able to solve that mystery....)

That's very strange, we test it and it works for us. But you said you 
use more namingContexts
than one, right? It could be the problem as we support only one.

> By the way, how would you change the default password associated with the .jks certificate automatically generated from the interactive setup ?

Run this command:

  $ keytool -storepasswd -keystore /path/to/jks/x.jks

It will ask you for old and new password.

More information about the Users mailing list