Re: [Freeipa-users] vcenter 5.5 and freeipa 3 authentication

2014-11-04 Thread Rob Crittenden
richard wrote:
> We are trying to configure vcenter 5.5 to authenticate against freeipa
> instead of AD.
> It's working for single users, we can update passwd in freeipa and they
> can authenticate against vcenter.
> But we are not able to get the groups to work as we want, we can't even
> see them on the vcenter side.
>
> Has anyone configured vcenter to authenticate against freeipa, with
> both users and groups working?
>
> // Richard

How are you configuring it, using the Open LDAP option?

According to
http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2064977
the group scheme used by IPA is not supported. They require the
objectclass groupOfUniqueNames and uniqueMember.

It should be possible to add configuration to IPA to enable this via the
slapi-nis (schema compat) plugin. See this,
https://git.fedorahosted.org/cgit/slapi-nis.git/plain/doc/sch-getting-started.txt

rob

-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go To http://freeipa.org for more info on the project
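
A sketch of the kind of schema compat configuration Rob's reply points to, added here as an example; it is not from the thread or from the slapi-nis project. The suffix dc=example,dc=com and the set name vcenter-groups are assumptions, and it assumes vCenter accepts uniqueMember values that point at the user entries under cn=accounts.

```ldif
# Added example: a schema compat set that republishes IPA groups as
# groupOfUniqueNames entries carrying uniqueMember values.
# Assumed: suffix dc=example,dc=com; the set name "vcenter-groups" is hypothetical.
dn: cn=vcenter-groups,cn=Schema Compatibility,cn=plugins,cn=config
objectClass: top
objectClass: extensibleObject
cn: vcenter-groups
# Source entries: the native IPA groups, which store members in "member".
schema-compat-search-base: cn=groups,cn=accounts,dc=example,dc=com
schema-compat-search-filter: objectclass=groupOfNames
# Generated entries appear under cn=vcenter-groups,cn=compat,<suffix>.
schema-compat-container-group: cn=compat,dc=example,dc=com
schema-compat-container-rdn: cn=vcenter-groups
schema-compat-entry-rdn: cn=%{cn}
# The object class and member attribute the VMware KB article asks for.
# %{member} copies each member DN unchanged from the source group.
schema-compat-entry-attribute: objectClass=groupOfUniqueNames
schema-compat-entry-attribute: uniqueMember=%{member}
```

The entry is added with ldapmodify -a while bound as Directory Manager; the group base DN on the vCenter side would then be cn=vcenter-groups,cn=compat,dc=example,dc=com.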


Re: [Freeipa-users] vcenter 5.5 and freeipa 3 authentication

2014-11-04 Thread richard

2014-11-04 21:02, Rob Crittenden wrote:

> richard wrote:
>> We are trying to configure vcenter 5.5 to authenticate against freeipa
>> instead of AD.
>> It's working for single users, we can update passwd in freeipa and they
>> can authenticate against vcenter.
>> But we are not able to get the groups to work as we want, we can't even
>> see them on the vcenter side.
>>
>> Has anyone configured vcenter to authenticate against freeipa, with
>> both users and groups working?
>>
>> // Richard
>
> How are you configuring it, using the Open LDAP option?
>
> According to
> http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2064977
> the group scheme used by IPA is not supported. They require the
> objectclass groupOfUniqueNames and uniqueMember.
>
> It should be possible to add configuration to IPA to enable this via the
> slapi-nis (schema compat) plugin. See this,
> https://git.fedorahosted.org/cgit/slapi-nis.git/plain/doc/sch-getting-started.txt
>
> rob


I'm configuring it with the OpenLdap option.
I will check the slapi-nis plugin, and see if I can get it to work.
Thanks for the tip.

// Richard
