[ovirt-users] oVirt, LDAP & SSO: authentication domain/profile consolidation
Martin Perina
mperina at redhat.com
Mon May 1 22:51:32 UTC 2017
Great to hear it's working for you as expected!
Martin
On Mon, May 1, 2017 at 12:50 PM, Lloyd Kamara <l.kamara at imperial.ac.uk>
wrote:
> Hi, Martin, you wrote:
>
> > there is no reason to have different authz providers for both authn
> > providers, because authz part is the same for both kerberos and LDAP.
> > Just edit for example kerberos authn configuration file in
> > /etc/ovirt-engine/extension.d/ and change
> > 'ovirt.engine.aaa.authn.authz.plugin' option to the name of your LDAP
> > authz provider.
> > When done please restart ovirt-engine to apply changes.
>
>
> Thank you for the above succinct and clear explanation.
> I changed the configuration accordingly and can confirm that
> it resolved the issue. When I log in via a Kerberos Ticket
> Granting Ticket and interactively via the LDAP-backed oVirt login
> web form, I am mapped to a single authentication domain.
>
>
> Best wishes,
> Lloyd
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ovirt.org/pipermail/users/attachments/20170501/7e061d87/attachment.html>
More information about the Users
mailing list