[ovirt-users] AAA Auth FreeIPA does not show users

Matt . yamakasi.014 at gmail.com
Tue Jan 31 10:17:03 UTC 2017


Hi Martin,

Thanks for the explanation. But what happens on those tests during the
setup the same happens as showed in oVirt.

Default IPA should just work I guess.

I will test your command and report back.

Cheers,

Matt

2017-01-31 10:24 GMT+01:00 Martin Perina <mperina at redhat.com>:
> Hi,
>
> it seem that your schema doesn't match the defaults or you home some
> configuration issue. Could you please execute following and send us the
> output for your IPA setup?
>
>   ovirt-engine-extensions-tool --log-level=FINE aaa
> authz-fetch_principal_record --authz-flag=resolve-groups-recursive
> --authz-flag=resolve-groups --extension-name=<PROFILE-NAME>
> --principal-name=<USERNAME>
>
> The above will search for a user by <USERNAME> and tries to fetch all groups
> he is member of.
>
> Btw you can test both "search users/groups" and "login a user" during
> aaa-ldap-setup tool (and it's recommended to do so) and the output from
> those commands should provide you the same details.
>
> Thanks
>
> Martin Perina
>
>
>
> On Mon, Jan 30, 2017 at 9:27 PM, Matt . <yamakasi.014 at gmail.com> wrote:
>>
>> Hi,
>>
>> When I do a ovirt-engine-extension-aaa-ldap-setup and chose IPA the
>> groups are shown but the users are not.
>>
>> When I chose 389ds, the users are shown but not the groups.
>>
>> Is something wrong with the FreeIPA implementation ? I'm on latest IPA
>> 4.4 version from Fedora
>>
>> Cheers,
>>
>> Matt
>> _______________________________________________
>> Users mailing list
>> Users at ovirt.org
>> http://lists.ovirt.org/mailman/listinfo/users
>
>


More information about the Users mailing list