Re: [Freeipa-users] Request to help adding FreeIPA group to VMware VCenter6.0

2016-11-29 Thread Jim Blenkins 
Muk

Look at how we have done we basically used a system account sudo and gave
rhis user a password this means all freeipa users can login but cant see
anything until individual privileges are assigned inside vmware

Jim

On 29 Nov 2016 9:40 a.m., "Mukarram Syed"  wrote:

> Hi,
>
> In VCenter 6.0 Web Appliance,  I would like to add the Admin group of
> users in FreeIPA.
> I looked through many articles on the internet and found recommended
> solutions, but none seem to work for me.
> Basically, I have group of "admins" in FreeIPA.
> In VCenter I
>
> Name: *IPA*
>
> Base DN for users: *cn=users,cn=accounts,dc=dev,dc=local*
>
> Domain Name: *dev.local*
>
> Base DN for groups: *cn=admins*,*cn=groups,cn=accounts,dc=dev,dc=local*
>
> Primary Server URL: *ldap://freeipa1.dev.local*
>
> Username: *uid=admin,cn=users,cn=accounts,dc=dev,dc=local*
> In doing this, I get all the users.  But I want only the users in the
> group "admins", which I am not able to accomplish.
>
> On Base DN for groups i tried using *(|memberOf=*
> *cn=admins,cn=groups,cn=accounts,dc=dev,dc=local)*
> But Vcenter does not seem to accept "memberOf" in the Base DN for groups.
> I have successfully used "memberOf" in other LDAP environments.
>
> Any help/suggestions are appreciated.
>
> Thanks
>
> # mukarram
>
> --
> Manage your subscription for the Freeipa-users mailing list:
> https://www.redhat.com/mailman/listinfo/freeipa-users
> Go to http://freeipa.org for more info on the project
>
-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

[Freeipa-users] Request to help adding FreeIPA group to VMware VCenter6.0

2016-11-29 Thread Mukarram Syed 
Hi,

In VCenter 6.0 Web Appliance,  I would like to add the Admin group of users
in FreeIPA.
I looked through many articles on the internet and found recommended
solutions, but none seem to work for me.
Basically, I have group of "admins" in FreeIPA.
In VCenter I

Name: *IPA*

Base DN for users: *cn=users,cn=accounts,dc=dev,dc=local*

Domain Name: *dev.local*

Base DN for groups: *cn=admins*,*cn=groups,cn=accounts,dc=dev,dc=local*

Primary Server URL: *ldap://freeipa1.dev.local*

Username: *uid=admin,cn=users,cn=accounts,dc=dev,dc=local*
In doing this, I get all the users.  But I want only the users in the group
"admins", which I am not able to accomplish.

On Base DN for groups i tried using *(|memberOf=*
*cn=admins,cn=groups,cn=accounts,dc=dev,dc=local)*
But Vcenter does not seem to accept "memberOf" in the Base DN for groups.
I have successfully used "memberOf" in other LDAP environments.

Any help/suggestions are appreciated.

Thanks

# mukarram
-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project