[ovirt-users] active directory and sso
董青龙
ddqlo at 126.com
Fri Feb 2 03:46:07 UTC 2018
Thanks for the reply. I have completely configured all the things in option 1 which you told. But it seems that sso still does not work. My domain forest is "test.org" and my user is "test". When I login the user portal, I get "test at test.org@test.org" int the top right corner. Should it be "test at test.org"? Is it possible that engine send wrong user name to the guest agent?
At 2018-02-01 15:35:57, "Martin Perina" <mperina at redhat.com> wrote:
On Thu, Feb 1, 2018 at 9:13 AM, 董青龙 <ddqlo at 126.com> wrote:
Hi, all
I am trying to make SSO working with windows7 vm in an ovirt 4.1 environment. Ovirt-guest-agent has been installed in windows7 vm. I have an active directory server of windows2012 and I have configured the engine using "ovirt-engine-extension-aaa-ldap-setup" successfully. The windows7 vm has joined the domain,too. But when I login the userportal using a user created in the AD server, I still have to login the windows7 vm using the same user for the second time. It seems that SSO does not work.
Anyone can help me? Thanks!
We are not providing full SSO for
VMs
. At the moment you have 2 options:
1. If you want user to be automatically logged in into a VM, then you need to setup SSO using aaa-ldap extension for AD (please don't forget to answer Yes for question about SSO for VMs in setup tool). Andf of course in a VM you need to have installed and enabled guest agent. Once user logs into VM Portal and clicks on a VM, then he should be automatically logged into it.
2. If you setup kerberos for engine SSO, then you don't need to enter password to loging into VM Portal, but in such case we cannot pass a password into a VM and user are not automatically logged in.
Martin
_______________________________________________
Users mailing list
Users at ovirt.org
http://lists.ovirt.org/mailman/listinfo/users
--
Martin Perina
Associate Manager, Software Engineering
Red Hat Czech s.r.o.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ovirt.org/pipermail/users/attachments/20180202/f90f6d46/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: ??2.png
Type: image/png
Size: 2736 bytes
Desc: not available
URL: <http://lists.ovirt.org/pipermail/users/attachments/20180202/f90f6d46/attachment.png>
More information about the Users
mailing list