I'm triing to use Samba4rc5 like autenticator for Ovirt 3.1.0-3.26<div><br></div><div>First problem is Ovirt is user usernameprincipal (login@domain in place of login) to autenticate with Samba4, But samba4 don't use it.</div>
<div><br></div><div>I use </div><div>engine-manage-domains -action=add -domain=DOMAINFQDN -user=LOGIN -provider=ActiveDirectory -interactive -addPermissions<br></div><div>And the result is:</div><div><div><br></div><div>No user in Directory was found for LOGIN@DOMAINFQDN. Trying next LDAP server in list</div>
<div>Failure while testing domain DOMAINFQDN. Details: No user information was found for user</div></div><div><br></div><div><br></div><div>And the Samba4 give me: <br></div><div>filter=(&(sAMAccountType=805306368)(userPrincipalName=LOGIN@DOMAINFQDN))<br>
</div><div><br></div><div>But no userPrincipalName is configured in any user.</div><div><br></div><div><br></div><div>Actual Solution: I add a userPrincipalName LOGIN@DOMAINFQDN in the LOGIN account (using a ldap tool) and add the ovirt machine to the domain.</div>
<div><br></div><div>After restart the ovirt engine I go to the UserPortal.</div><div><br></div><div>I find now other problem, the user isn't search by the Common Name (cn), a example of search</div><div>filter=(&(sAMAccountType=805306368)(|(givenname=TESTLOGIN)(sn=TESTLOGIN)(samaccountname=TESTLOGIN)(userPrincipalName=TESTLOGIN)))<br>
</div><div><br></div><div>must be </div><div><div>filter=(&(sAMAccountType=805306368)(|(givenname=TESTLOGIN)(cn=TESTLOGIN)(sn=TESTLOGIN)(samaccountname=TESTLOGIN)(userPrincipalName=TESTLOGIN)))</div></div><div><br></div>
<div><br></div><div>Thanks for all<br clear="all"><div><br></div>-- <br>Alejandro Escanero Blanco<br>Consultor de sistemas basados en fuentes abiertas<br>Desarrollador de FusionDirectory (<a href="http://www.fusiondirectory.org" target="_blank">http://www.fusiondirectory.org</a>)<br>
Blog: <a href="http://www.disasterproject.com" target="_blank">http://www.disasterproject.com</a><br>Jabber: <a href="mailto:blainett@jabberes.com" target="_blank">blainett@jabberes.com</a><br><br>
</div>