Re: [ovirt-users] oVirt 3.6 Migrated from Legacy AD Authentication - Previously Used AD Users Can't Log In

2016-10-27 Thread Ondra Machacek 

Unfortunatelly no, we decided to use UPN instead of SAM account name,
because SAM account name is limit IIRC to 15 characters, while UPN is
not limited.

On 10/26/2016 08:58 PM, Beckman, Daniel wrote:

That’s it! Some background: within our IT department most of us have a regular 
user account and an administrative account. For the later account type, the UPN 
and SAM account name happen to be the same (e.g. jdoead...@example.com) whereas 
for regular users UPN is something like john@example..com.  When I used the 
UPN name (e.g. john.doe) the login worked fine.

We can work with that. But is there a way to change it to using SAM account 
name?

Thanks,
Daniel

On 10/26/16, 12:58 PM, "Ondra Machacek"  wrote:

On 10/26/2016 06:31 PM, Beckman, Daniel wrote:
> I have been updating our oVirt 3.6 (3.6.7.5-1) environment in
> preparation for upgrading to oVirt 4.
>
>
>
> We had been using the legacy AD connection (via engine-manage-domains),
> and since that’s no longer available in oVirt 4, this was a priorty. (I
> put this off as long as I could – I found the new method a step back in
> ease of use.)
>
>
>
> So following the documentation I setup
> ‘ovirt-engine-extension-aaa-ldap’, connecting to the same Active
> Directory forest. It seemed to work; I was able to look up users. But
> none of the existing AD users that we had been using in oVirt were able
> to log in to the admin or user portal, using the new extension. The
> error is “General command validation failure.”. (Whereas if you enter a
> wrong password, you get the expected wrong password error.)* *Here’s
> what /var/log/ovirt-engine/engine.log shows for “myuser”:
>
> {Extkey[name=EXTENSION_INVOKE_CONTEXT;type=class
> 
org.ovirt.engine.api.extensions.ExtMap;uuid=EXTENSION_INVOKE_CONTEXT[886d2ebb-312a-49ae-9cc3-e1f849834b7d];]={Extkey[name=EXTENSION_INTERFACE_VERSION_MAX;type=class
> 
java.lang.Integer;uuid=EXTENSION_INTERFACE_VERSION_MAX[f4cff49f-2717-4901-8ee9-df362446e3e7];]=0,
> Extkey[name=EXTENSION_LICENSE;type=class
> 
java.lang.String;uuid=EXTENSION_LICENSE[8a61ad65-054c-4e31-9c6d-1ca4d60a4c18];]=ASL
> 2.0, Extkey[name=EXTENSION_NOTES;type=class
> 
java.lang.String;uuid=EXTENSION_NOTES[2da5ad7e-185a-4584-aaff-97f66978e4ea];]=Display
> name: ovirt-engine-extension-aaa-ldap-1.1.4-1.el7,
> Extkey[name=EXTENSION_HOME_URL;type=class
> 
java.lang.String;uuid=EXTENSION_HOME_URL[4ad7a2f4-f969-42d4-b399-72d192e18304];]=http://www.ovirt.org,
> Extkey[name=EXTENSION_LOCALE;type=class
> 
java.lang.String;uuid=EXTENSION_LOCALE[0780b112-0ce0-404a-b85e-8765d778bb29];]=en_US,
> Extkey[name=EXTENSION_NAME;type=class
> 
java.lang.String;uuid=EXTENSION_NAME[651381d3-f54f-4547-bf28-b0b01a103184];]=ovirt-engine-extension-aaa-ldap.authz,
> Extkey[name=EXTENSION_INTERFACE_VERSION_MIN;type=class
> 
java.lang.Integer;uuid=EXTENSION_INTERFACE_VERSION_MIN[2b84fc91-305b-497b-a1d7-d961b9d2ce0b];]=0,
> Extkey[name=EXTENSION_CONFIGURATION;type=class
> 
java.util.Properties;uuid=EXTENSION_CONFIGURATION[2d48ab72-f0a1-4312-b4ae-5068a226b0fc];]=***,
> Extkey[name=EXTENSION_AUTHOR;type=class
> 
java.lang.String;uuid=EXTENSION_AUTHOR[ef242f7a-2dad-4bc5-9aad-e07018b7fbcc];]=The
> oVirt Project, Extkey[name=AAA_AUTHZ_QUERY_MAX_FILTER_SIZE;type=class
> 
java.lang.Integer;uuid=AAA_AUTHZ_QUERY_MAX_FILTER_SIZE[2eb1f541-0f65-44a1-a6e3-014e247595f5];]=50,
> Extkey[name=EXTENSION_INSTANCE_NAME;type=class
> 
java.lang.String;uuid=EXTENSION_INSTANCE_NAME[65c67ff6-aeca-4bd5-a245-8674327f011b];]=ingramcontent.com,
> Extkey[name=EXTENSION_BUILD_INTERFACE_VERSION;type=class
> 
java.lang.Integer;uuid=EXTENSION_BUILD_INTERFACE_VERSION[cb479e5a-4b23-46f8-aed3-56a4747a8ab7];]=0,
> Extkey[name=EXTENSION_CONFIGURATION_SENSITIVE_KEYS;type=interface
> 
java.util.Collection;uuid=EXTENSION_CONFIGURATION_SENSITIVE_KEYS[a456efa1-73ff-4204-9f9b-ebff01e35263];]=[],
> Extkey[name=EXTENSION_GLOBAL_CONTEXT;type=class
> 
org.ovirt.engine.api.extensions.ExtMap;uuid=EXTENSION_GLOBAL_CONTEXT[9799e72f-7af6-4cf1-bf08-297bc8903676];]=*skip*,
> Extkey[name=EXTENSION_VERSION;type=class
> 
java.lang.String;uuid=EXTENSION_VERSION[fe35f6a8-8239-4bdb-ab1a-af9f779ce68c];]=1.1.4,
> Extkey[name=AAA_AUTHZ_AVAILABLE_NAMESPACES;type=interface
> 
java.util.Collection;uuid=AAA_AUTHZ_AVAILABLE_NAMESPACES[6dffa34c-955f-486a-bd35-0a272b45a711];]=[DC=ingramcontent,DC=com],
> Extkey[name=EXTENSION_MANAGER_TRACE_LOG;type=interface
> 
org.slf4j.Logger;uuid=EXTENSION_MANAGER_TRACE_LOG[863db666-3ea7-4751-9695-918a3197ad83];]=org.slf4j.impl.Slf4jLogger(org.ovirt.engine.core.extensions.mgr.ExtensionsManager.trace.ovirt-engine-extension-aaa-ldap.authz.ingramcontent.com),
> Extkey[name=EXTENSION_PROVIDES;type=interface
>

Re: [ovirt-users] oVirt 3.6 Migrated from Legacy AD Authentication - Previously Used AD Users Can't Log In

2016-10-26 Thread Beckman, Daniel 
That’s it! Some background: within our IT department most of us have a regular 
user account and an administrative account. For the later account type, the UPN 
and SAM account name happen to be the same (e.g. jdoead...@example.com) whereas 
for regular users UPN is something like john@example..com.  When I used the 
UPN name (e.g. john.doe) the login worked fine. 

We can work with that. But is there a way to change it to using SAM account 
name? 

Thanks,
Daniel 

On 10/26/16, 12:58 PM, "Ondra Machacek"  wrote:

On 10/26/2016 06:31 PM, Beckman, Daniel wrote:
> I have been updating our oVirt 3.6 (3.6.7.5-1) environment in
> preparation for upgrading to oVirt 4.
>
>
>
> We had been using the legacy AD connection (via engine-manage-domains),
> and since that’s no longer available in oVirt 4, this was a priorty. (I
> put this off as long as I could – I found the new method a step back in
> ease of use.)
>
>
>
> So following the documentation I setup
> ‘ovirt-engine-extension-aaa-ldap’, connecting to the same Active
> Directory forest. It seemed to work; I was able to look up users. But
> none of the existing AD users that we had been using in oVirt were able
> to log in to the admin or user portal, using the new extension. The
> error is “General command validation failure.”. (Whereas if you enter a
> wrong password, you get the expected wrong password error.)* *Here’s
> what /var/log/ovirt-engine/engine.log shows for “myuser”:
>
> {Extkey[name=EXTENSION_INVOKE_CONTEXT;type=class
> 
org.ovirt.engine.api.extensions.ExtMap;uuid=EXTENSION_INVOKE_CONTEXT[886d2ebb-312a-49ae-9cc3-e1f849834b7d];]={Extkey[name=EXTENSION_INTERFACE_VERSION_MAX;type=class
> 
java.lang.Integer;uuid=EXTENSION_INTERFACE_VERSION_MAX[f4cff49f-2717-4901-8ee9-df362446e3e7];]=0,
> Extkey[name=EXTENSION_LICENSE;type=class
> 
java.lang.String;uuid=EXTENSION_LICENSE[8a61ad65-054c-4e31-9c6d-1ca4d60a4c18];]=ASL
> 2.0, Extkey[name=EXTENSION_NOTES;type=class
> 
java.lang.String;uuid=EXTENSION_NOTES[2da5ad7e-185a-4584-aaff-97f66978e4ea];]=Display
> name: ovirt-engine-extension-aaa-ldap-1.1.4-1.el7,
> Extkey[name=EXTENSION_HOME_URL;type=class
> 
java.lang.String;uuid=EXTENSION_HOME_URL[4ad7a2f4-f969-42d4-b399-72d192e18304];]=http://www.ovirt.org,
> Extkey[name=EXTENSION_LOCALE;type=class
> 
java.lang.String;uuid=EXTENSION_LOCALE[0780b112-0ce0-404a-b85e-8765d778bb29];]=en_US,
> Extkey[name=EXTENSION_NAME;type=class
> 
java.lang.String;uuid=EXTENSION_NAME[651381d3-f54f-4547-bf28-b0b01a103184];]=ovirt-engine-extension-aaa-ldap.authz,
> Extkey[name=EXTENSION_INTERFACE_VERSION_MIN;type=class
> 
java.lang.Integer;uuid=EXTENSION_INTERFACE_VERSION_MIN[2b84fc91-305b-497b-a1d7-d961b9d2ce0b];]=0,
> Extkey[name=EXTENSION_CONFIGURATION;type=class
> 
java.util.Properties;uuid=EXTENSION_CONFIGURATION[2d48ab72-f0a1-4312-b4ae-5068a226b0fc];]=***,
> Extkey[name=EXTENSION_AUTHOR;type=class
> 
java.lang.String;uuid=EXTENSION_AUTHOR[ef242f7a-2dad-4bc5-9aad-e07018b7fbcc];]=The
> oVirt Project, Extkey[name=AAA_AUTHZ_QUERY_MAX_FILTER_SIZE;type=class
> 
java.lang.Integer;uuid=AAA_AUTHZ_QUERY_MAX_FILTER_SIZE[2eb1f541-0f65-44a1-a6e3-014e247595f5];]=50,
> Extkey[name=EXTENSION_INSTANCE_NAME;type=class
> 
java.lang.String;uuid=EXTENSION_INSTANCE_NAME[65c67ff6-aeca-4bd5-a245-8674327f011b];]=ingramcontent.com,
> Extkey[name=EXTENSION_BUILD_INTERFACE_VERSION;type=class
> 
java.lang.Integer;uuid=EXTENSION_BUILD_INTERFACE_VERSION[cb479e5a-4b23-46f8-aed3-56a4747a8ab7];]=0,
> Extkey[name=EXTENSION_CONFIGURATION_SENSITIVE_KEYS;type=interface
> 
java.util.Collection;uuid=EXTENSION_CONFIGURATION_SENSITIVE_KEYS[a456efa1-73ff-4204-9f9b-ebff01e35263];]=[],
> Extkey[name=EXTENSION_GLOBAL_CONTEXT;type=class
> 
org.ovirt.engine.api.extensions.ExtMap;uuid=EXTENSION_GLOBAL_CONTEXT[9799e72f-7af6-4cf1-bf08-297bc8903676];]=*skip*,
> Extkey[name=EXTENSION_VERSION;type=class
> 
java.lang.String;uuid=EXTENSION_VERSION[fe35f6a8-8239-4bdb-ab1a-af9f779ce68c];]=1.1.4,
> Extkey[name=AAA_AUTHZ_AVAILABLE_NAMESPACES;type=interface
> 
java.util.Collection;uuid=AAA_AUTHZ_AVAILABLE_NAMESPACES[6dffa34c-955f-486a-bd35-0a272b45a711];]=[DC=ingramcontent,DC=com],
> Extkey[name=EXTENSION_MANAGER_TRACE_LOG;type=interface
> 
org.slf4j.Logger;uuid=EXTENSION_MANAGER_TRACE_LOG[863db666-3ea7-4751-9695-918a3197ad83];]=org.slf4j.impl.Slf4jLogger(org.ovirt.engine.core.extensions.mgr.ExtensionsManager.trace.ovirt-engine-extension-aaa-ldap.authz.ingramcontent.com),
> Extkey[name=EXTENSION_PROVIDES;type=interface
> 
java.util.Collection;uuid=EXTENSION_PROVIDES[8cf373a6-65b5-4594-b828-0e275087de91];]=[org.ovirt.engine.api.extensions.aaa.Authz],
> Extkey[name=EXTENSION_CONFIGURATION_FILE;type=class
>

Re: [ovirt-users] oVirt 3.6 Migrated from Legacy AD Authentication - Previously Used AD Users Can't Log In

2016-10-26 Thread Ondra Machacek 

On 10/26/2016 06:31 PM, Beckman, Daniel wrote:

I have been updating our oVirt 3.6 (3.6.7.5-1) environment in
preparation for upgrading to oVirt 4.



We had been using the legacy AD connection (via engine-manage-domains),
and since that’s no longer available in oVirt 4, this was a priorty. (I
put this off as long as I could – I found the new method a step back in
ease of use.)



So following the documentation I setup
‘ovirt-engine-extension-aaa-ldap’, connecting to the same Active
Directory forest. It seemed to work; I was able to look up users. But
none of the existing AD users that we had been using in oVirt were able
to log in to the admin or user portal, using the new extension. The
error is “General command validation failure.”. (Whereas if you enter a
wrong password, you get the expected wrong password error.)* *Here’s
what /var/log/ovirt-engine/engine.log shows for “myuser”:

{Extkey[name=EXTENSION_INVOKE_CONTEXT;type=class
org.ovirt.engine.api.extensions.ExtMap;uuid=EXTENSION_INVOKE_CONTEXT[886d2ebb-312a-49ae-9cc3-e1f849834b7d];]={Extkey[name=EXTENSION_INTERFACE_VERSION_MAX;type=class
java.lang.Integer;uuid=EXTENSION_INTERFACE_VERSION_MAX[f4cff49f-2717-4901-8ee9-df362446e3e7];]=0,
Extkey[name=EXTENSION_LICENSE;type=class
java.lang.String;uuid=EXTENSION_LICENSE[8a61ad65-054c-4e31-9c6d-1ca4d60a4c18];]=ASL
2.0, Extkey[name=EXTENSION_NOTES;type=class
java.lang.String;uuid=EXTENSION_NOTES[2da5ad7e-185a-4584-aaff-97f66978e4ea];]=Display
name: ovirt-engine-extension-aaa-ldap-1.1.4-1.el7,
Extkey[name=EXTENSION_HOME_URL;type=class
java.lang.String;uuid=EXTENSION_HOME_URL[4ad7a2f4-f969-42d4-b399-72d192e18304];]=http://www.ovirt.org,
Extkey[name=EXTENSION_LOCALE;type=class
java.lang.String;uuid=EXTENSION_LOCALE[0780b112-0ce0-404a-b85e-8765d778bb29];]=en_US,
Extkey[name=EXTENSION_NAME;type=class
java.lang.String;uuid=EXTENSION_NAME[651381d3-f54f-4547-bf28-b0b01a103184];]=ovirt-engine-extension-aaa-ldap.authz,
Extkey[name=EXTENSION_INTERFACE_VERSION_MIN;type=class
java.lang.Integer;uuid=EXTENSION_INTERFACE_VERSION_MIN[2b84fc91-305b-497b-a1d7-d961b9d2ce0b];]=0,
Extkey[name=EXTENSION_CONFIGURATION;type=class
java.util.Properties;uuid=EXTENSION_CONFIGURATION[2d48ab72-f0a1-4312-b4ae-5068a226b0fc];]=***,
Extkey[name=EXTENSION_AUTHOR;type=class
java.lang.String;uuid=EXTENSION_AUTHOR[ef242f7a-2dad-4bc5-9aad-e07018b7fbcc];]=The
oVirt Project, Extkey[name=AAA_AUTHZ_QUERY_MAX_FILTER_SIZE;type=class
java.lang.Integer;uuid=AAA_AUTHZ_QUERY_MAX_FILTER_SIZE[2eb1f541-0f65-44a1-a6e3-014e247595f5];]=50,
Extkey[name=EXTENSION_INSTANCE_NAME;type=class
java.lang.String;uuid=EXTENSION_INSTANCE_NAME[65c67ff6-aeca-4bd5-a245-8674327f011b];]=ingramcontent.com,
Extkey[name=EXTENSION_BUILD_INTERFACE_VERSION;type=class
java.lang.Integer;uuid=EXTENSION_BUILD_INTERFACE_VERSION[cb479e5a-4b23-46f8-aed3-56a4747a8ab7];]=0,
Extkey[name=EXTENSION_CONFIGURATION_SENSITIVE_KEYS;type=interface
java.util.Collection;uuid=EXTENSION_CONFIGURATION_SENSITIVE_KEYS[a456efa1-73ff-4204-9f9b-ebff01e35263];]=[],
Extkey[name=EXTENSION_GLOBAL_CONTEXT;type=class
org.ovirt.engine.api.extensions.ExtMap;uuid=EXTENSION_GLOBAL_CONTEXT[9799e72f-7af6-4cf1-bf08-297bc8903676];]=*skip*,
Extkey[name=EXTENSION_VERSION;type=class
java.lang.String;uuid=EXTENSION_VERSION[fe35f6a8-8239-4bdb-ab1a-af9f779ce68c];]=1.1.4,
Extkey[name=AAA_AUTHZ_AVAILABLE_NAMESPACES;type=interface
java.util.Collection;uuid=AAA_AUTHZ_AVAILABLE_NAMESPACES[6dffa34c-955f-486a-bd35-0a272b45a711];]=[DC=ingramcontent,DC=com],
Extkey[name=EXTENSION_MANAGER_TRACE_LOG;type=interface
org.slf4j.Logger;uuid=EXTENSION_MANAGER_TRACE_LOG[863db666-3ea7-4751-9695-918a3197ad83];]=org.slf4j.impl.Slf4jLogger(org.ovirt.engine.core.extensions.mgr.ExtensionsManager.trace.ovirt-engine-extension-aaa-ldap.authz.ingramcontent.com),
Extkey[name=EXTENSION_PROVIDES;type=interface
java.util.Collection;uuid=EXTENSION_PROVIDES[8cf373a6-65b5-4594-b828-0e275087de91];]=[org.ovirt.engine.api.extensions.aaa.Authz],
Extkey[name=EXTENSION_CONFIGURATION_FILE;type=class
java.lang.String;uuid=EXTENSION_CONFIGURATION_FILE[4fb0ffd3-983c-4f3f-98ff-9660bd67af6a];]=/etc/ovirt-engine/extensions.d/INGRAMCONTENT.COM.properties},
Extkey[name=AAA_AUTHZ_QUERY_FLAGS;type=class
java.lang.Integer;uuid=AAA_AUTHZ_QUERY_FLAGS[97d226e9-8d87-49a0-9a7f-af689320907b];]=3,
Extkey[name=AAA_AUTHZ_PRINCIPAL;type=class
java.lang.String;uuid=AAA_AUTHZ_PRINCIPAL[a3c1d5ca-f1ea-131c-86ae-a1ecbcadd6b7];]=myu...@ingramcontent.com,
Extkey[name=EXTENSION_INVOKE_COMMAND;type=class
org.ovirt.engine.api.extensions.ExtUUID;uuid=EXTENSION_INVOKE_COMMAND[485778ab-bede-4f1a-b823-77b262a2f28d];]=AAA_AUTHZ_FETCH_PRINCIPAL_RECORD[5a5bf9bb-9336-4376-a823-26efe1ba26df],
Extkey[name=AAA_AUTHN_AUTH_RECORD;type=class
org.ovirt.engine.api.extensions.ExtMap;uuid=AAA_AUTHN_AUTH_RECORD[e9462168-b53b-44ac-9af5-f25e1697173e];]={Extkey[name=AAA_AUTHN_AUTH_RECORD_PRINCIPAL;type=class

[ovirt-users] oVirt 3.6 Migrated from Legacy AD Authentication - Previously Used AD Users Can't Log In

2016-10-26 Thread Beckman, Daniel 
I have been updating our oVirt 3.6 (3.6.7.5-1) environment in preparation for 
upgrading to oVirt 4.

We had been using the legacy AD connection (via engine-manage-domains), and 
since that’s no longer available in oVirt 4, this was a priorty. (I put this 
off as long as I could – I found the new method a step back in ease of use.)

So following the documentation I setup ‘ovirt-engine-extension-aaa-ldap’, 
connecting to the same Active Directory forest. It seemed to work; I was able 
to look up users. But none of the existing AD users that we had been using in 
oVirt were able to log in to the admin or user portal, using the new extension. 
The error is “General command validation failure.”. (Whereas if you enter a 
wrong password, you get the expected wrong password error.)  Here’s what 
/var/log/ovirt-engine/engine.log shows for “myuser”:
{Extkey[name=EXTENSION_INVOKE_CONTEXT;type=class 
org.ovirt.engine.api.extensions.ExtMap;uuid=EXTENSION_INVOKE_CONTEXT[886d2ebb-312a-49ae-9cc3-e1f849834b7d];]={Extkey[name=EXTENSION_INTERFACE_VERSION_MAX;type=class
 
java.lang.Integer;uuid=EXTENSION_INTERFACE_VERSION_MAX[f4cff49f-2717-4901-8ee9-df362446e3e7];]=0,
 Extkey[name=EXTENSION_LICENSE;type=class 
java.lang.String;uuid=EXTENSION_LICENSE[8a61ad65-054c-4e31-9c6d-1ca4d60a4c18];]=ASL
 2.0, Extkey[name=EXTENSION_NOTES;type=class 
java.lang.String;uuid=EXTENSION_NOTES[2da5ad7e-185a-4584-aaff-97f66978e4ea];]=Display
 name: ovirt-engine-extension-aaa-ldap-1.1.4-1.el7, 
Extkey[name=EXTENSION_HOME_URL;type=class 
java.lang.String;uuid=EXTENSION_HOME_URL[4ad7a2f4-f969-42d4-b399-72d192e18304];]=http://www.ovirt.org,
 Extkey[name=EXTENSION_LOCALE;type=class 
java.lang.String;uuid=EXTENSION_LOCALE[0780b112-0ce0-404a-b85e-8765d778bb29];]=en_US,
 Extkey[name=EXTENSION_NAME;type=class 
java.lang.String;uuid=EXTENSION_NAME[651381d3-f54f-4547-bf28-b0b01a103184];]=ovirt-engine-extension-aaa-ldap.authz,
 Extkey[name=EXTENSION_INTERFACE_VERSION_MIN;type=class 
java.lang.Integer;uuid=EXTENSION_INTERFACE_VERSION_MIN[2b84fc91-305b-497b-a1d7-d961b9d2ce0b];]=0,
 Extkey[name=EXTENSION_CONFIGURATION;type=class 
java.util.Properties;uuid=EXTENSION_CONFIGURATION[2d48ab72-f0a1-4312-b4ae-5068a226b0fc];]=***,
 Extkey[name=EXTENSION_AUTHOR;type=class 
java.lang.String;uuid=EXTENSION_AUTHOR[ef242f7a-2dad-4bc5-9aad-e07018b7fbcc];]=The
 oVirt Project, Extkey[name=AAA_AUTHZ_QUERY_MAX_FILTER_SIZE;type=class 
java.lang.Integer;uuid=AAA_AUTHZ_QUERY_MAX_FILTER_SIZE[2eb1f541-0f65-44a1-a6e3-014e247595f5];]=50,
 Extkey[name=EXTENSION_INSTANCE_NAME;type=class 
java.lang.String;uuid=EXTENSION_INSTANCE_NAME[65c67ff6-aeca-4bd5-a245-8674327f011b];]=ingramcontent.com,
 Extkey[name=EXTENSION_BUILD_INTERFACE_VERSION;type=class 
java.lang.Integer;uuid=EXTENSION_BUILD_INTERFACE_VERSION[cb479e5a-4b23-46f8-aed3-56a4747a8ab7];]=0,
 Extkey[name=EXTENSION_CONFIGURATION_SENSITIVE_KEYS;type=interface 
java.util.Collection;uuid=EXTENSION_CONFIGURATION_SENSITIVE_KEYS[a456efa1-73ff-4204-9f9b-ebff01e35263];]=[],
 Extkey[name=EXTENSION_GLOBAL_CONTEXT;type=class 
org.ovirt.engine.api.extensions.ExtMap;uuid=EXTENSION_GLOBAL_CONTEXT[9799e72f-7af6-4cf1-bf08-297bc8903676];]=*skip*,
 Extkey[name=EXTENSION_VERSION;type=class 
java.lang.String;uuid=EXTENSION_VERSION[fe35f6a8-8239-4bdb-ab1a-af9f779ce68c];]=1.1.4,
 Extkey[name=AAA_AUTHZ_AVAILABLE_NAMESPACES;type=interface 
java.util.Collection;uuid=AAA_AUTHZ_AVAILABLE_NAMESPACES[6dffa34c-955f-486a-bd35-0a272b45a711];]=[DC=ingramcontent,DC=com],
 Extkey[name=EXTENSION_MANAGER_TRACE_LOG;type=interface 
org.slf4j.Logger;uuid=EXTENSION_MANAGER_TRACE_LOG[863db666-3ea7-4751-9695-918a3197ad83];]=org.slf4j.impl.Slf4jLogger(org.ovirt.engine.core.extensions.mgr.ExtensionsManager.trace.ovirt-engine-extension-aaa-ldap.authz.ingramcontent.com),
 Extkey[name=EXTENSION_PROVIDES;type=interface 
java.util.Collection;uuid=EXTENSION_PROVIDES[8cf373a6-65b5-4594-b828-0e275087de91];]=[org.ovirt.engine.api.extensions.aaa.Authz],
 Extkey[name=EXTENSION_CONFIGURATION_FILE;type=class 
java.lang.String;uuid=EXTENSION_CONFIGURATION_FILE[4fb0ffd3-983c-4f3f-98ff-9660bd67af6a];]=/etc/ovirt-engine/extensions.d/INGRAMCONTENT.COM.properties},
 Extkey[name=AAA_AUTHZ_QUERY_FLAGS;type=class 
java.lang.Integer;uuid=AAA_AUTHZ_QUERY_FLAGS[97d226e9-8d87-49a0-9a7f-af689320907b];]=3,
 Extkey[name=AAA_AUTHZ_PRINCIPAL;type=class 
java.lang.String;uuid=AAA_AUTHZ_PRINCIPAL[a3c1d5ca-f1ea-131c-86ae-a1ecbcadd6b7];]=myu...@ingramcontent.com,
 Extkey[name=EXTENSION_INVOKE_COMMAND;type=class 
org.ovirt.engine.api.extensions.ExtUUID;uuid=EXTENSION_INVOKE_COMMAND[485778ab-bede-4f1a-b823-77b262a2f28d];]=AAA_AUTHZ_FETCH_PRINCIPAL_RECORD[5a5bf9bb-9336-4376-a823-26efe1ba26df],
 Extkey[name=AAA_AUTHN_AUTH_RECORD;type=class 
org.ovirt.engine.api.extensions.ExtMap;uuid=AAA_AUTHN_AUTH_RECORD[e9462168-b53b-44ac-9af5-f25e1697173e];]={Extkey[name=AAA_AUTHN_AUTH_RECORD_PRINCIPAL;type=class