Re: [Users] installing ovirt-engine on fc17 - postgresql service cannot be executed from /etc/init.d/postgresql

2012-11-13 Thread Eli Mesika


- Original Message -
 From: Alexey Kardashevskiy a...@ozlabs.ru
 To: Juan Hernandez jhern...@redhat.com
 Cc: users@ovirt.org
 Sent: Tuesday, November 13, 2012 2:05:27 AM
 Subject: Re: [Users] installing ovirt-engine on fc17 - postgresql service 
 cannot be executed from
 /etc/init.d/postgresql
 
 On 12/11/12 20:14, Juan Hernandez wrote:
  On 11/12/2012 06:45 AM, Alexey Kardashevskiy wrote:
  Hi!
 
  I am trying to configure ovirt-engine and having a problem that it
  cannot
  finish because cannot create database because there is no
  /etc/init.d/postgresql. How do I fix my setup? Some packages
  missing? Below
  is some information. Thanks.
 
 
  The system is Fedora17/_ppc64_ (not x86 if it matters) with my 3.6
  kernel.
 
  Below is the console output after running postgresql-setup
  initdb and
  engine-setup and the log produced by the engine-setup script.
 
 
  [root@vpl2 aik]# yum info ovirt-engine
  Loaded plugins: downloadonly, versionlock
  Installed Packages
  Name: ovirt-engine
  Arch: noarch
  Version : 3.1.0
  Release : 2.fc17
  Size: 1.3 M
  Repo: installed
From repo   : ovirt-stable
  Summary : Management server for Open Virtualization
  URL : http://www.ovirt.org
  License : ASL 2.0
  Description : oVirt Engine is a feature-rich server virtualization
  management
: system that provides advanced capabilities for
managing the Open
: virtualization infrastructure for Servers and
Desktops.
 
  [root@vpl2 aik]# ls -la /etc/init.d/postgresql
  ls: cannot access /etc/init.d/postgresql: No such file or
  directory
 
  [root@vpl2 aik]# postgresql-setup initdb
  Initializing database ... OK
 
  [root@vpl2 aik]# engine-setup
  Welcome to oVirt Engine setup utility
 
  WARNING: oVirt Engine setup has already been run on this host.
  To remove all configuration and reset oVirt Engine please run
  engine-cleanup.
  Please be advised that executing engine-setup without cleanup is
  not supported.
  Would you like to proceed? (yes|no): no
  Installation stopped, Goodbye.
  [root@vpl2 aik]# engine-setup
  Welcome to oVirt Engine setup utility
 
  WARNING: oVirt Engine setup has already been run on this host.
  To remove all configuration and reset oVirt Engine please run
  engine-cleanup.
  Please be advised that executing engine-setup without cleanup is
  not supported.
  Would you like to proceed? (yes|no): yes
  HTTP Port  [80] :
  HTTPS Port  [443] :
  Host fully qualified domain name, note that this name should be
  fully
  resolvable  [vpl2.ozlabs.ibm.com] :
  Password for Administrator (admin@internal) :
  Confirm password :
  Organization Name for the Certificate: ozlabs
  The default storage type you will be using  ['NFS'| 'FC'| 'ISCSI']
   [NFS] :
  Enter DB type for installation ['remote'| 'local']  [local] :
  Local database password :
  Confirm password :
  Should the installer configure NFS share on this server to be used
  as an
  ISO Domain? ['yes'| 'no']  [yes] :
  Local ISO domain path: /data/iso
  Display name for the ISO Domain: local-iso-share
  Firewall ports need to be opened.
  You can let the installer configure iptables automatically
  overriding the
  current configuration. The old configuration will be backed up.
  Alternately you can configure the firewall later using an example
  iptables
  file found under /usr/share/ovirt-engine/conf/iptables.example
  Configure iptables ? ['yes'| 'no']: yes
 
  oVirt Engine will be installed using the following configuration:
  =
  http-port: 80
  https-port:443
  host-fqdn: vpl2.ozlabs.ibm.com
  auth-pass: 
  org-name:  ozlabs
  default-dc-type:   NFS
  db-remote-install: local
  db-local-pass: 
  nfs-mp:/data/iso
  iso-domain-name:   local-iso-share
  config-nfs:yes
  override-iptables: yes
  Proceed with the configuration listed above? (yes|no): yes
 
  Installing:
  Configuring oVirt-engine...  [ DONE ]
  Creating CA...   [ DONE ]
  Editing JBoss Configuration...   [ DONE ]
  Setting Database Configuration...[ DONE ]
  Setting Database Security... [ DONE ]
  Creating Database...  [ ERROR ]
  Database creation failed
  Please check log file
  /var/log/ovirt-engine/engine-setup_2012_11_12_16_06_23.log for
  more information
 
  [root@vpl2 aik]# ps ax|grep postgresql
  13655 pts/2S+ 0:00 grep --color=auto postgresql
 
 
 
  *
 
  Here is a part of the
  /var/log/ovirt-engine/engine-setup_2012_11_12_16_06_23.log , can
  

Re: [Users] installing ovirt-engine on fc17 - postgresql service cannot be executed from /etc/init.d/postgresql

2012-11-13 Thread Juan Hernandez
On 11/13/2012 10:13 AM, Eli Mesika wrote:
 
 
 - Original Message -
 From: Alexey Kardashevskiy a...@ozlabs.ru
 To: Juan Hernandez jhern...@redhat.com
 Cc: users@ovirt.org
 Sent: Tuesday, November 13, 2012 2:05:27 AM
 Subject: Re: [Users] installing ovirt-engine on fc17 - postgresql service 
 cannot be executed from
 /etc/init.d/postgresql

 On 12/11/12 20:14, Juan Hernandez wrote:
 On 11/12/2012 06:45 AM, Alexey Kardashevskiy wrote:
 Hi!

 I am trying to configure ovirt-engine and having a problem that it
 cannot
 finish because cannot create database because there is no
 /etc/init.d/postgresql. How do I fix my setup? Some packages
 missing? Below
 is some information. Thanks.


 The system is Fedora17/_ppc64_ (not x86 if it matters) with my 3.6
 kernel.

 Below is the console output after running postgresql-setup
 initdb and
 engine-setup and the log produced by the engine-setup script.


 [root@vpl2 aik]# yum info ovirt-engine
 Loaded plugins: downloadonly, versionlock
 Installed Packages
 Name: ovirt-engine
 Arch: noarch
 Version : 3.1.0
 Release : 2.fc17
 Size: 1.3 M
 Repo: installed
   From repo   : ovirt-stable
 Summary : Management server for Open Virtualization
 URL : http://www.ovirt.org
 License : ASL 2.0
 Description : oVirt Engine is a feature-rich server virtualization
 management
   : system that provides advanced capabilities for
   managing the Open
   : virtualization infrastructure for Servers and
   Desktops.

 [root@vpl2 aik]# ls -la /etc/init.d/postgresql
 ls: cannot access /etc/init.d/postgresql: No such file or
 directory

 [root@vpl2 aik]# postgresql-setup initdb
 Initializing database ... OK

 [root@vpl2 aik]# engine-setup
 Welcome to oVirt Engine setup utility

 WARNING: oVirt Engine setup has already been run on this host.
 To remove all configuration and reset oVirt Engine please run
 engine-cleanup.
 Please be advised that executing engine-setup without cleanup is
 not supported.
 Would you like to proceed? (yes|no): no
 Installation stopped, Goodbye.
 [root@vpl2 aik]# engine-setup
 Welcome to oVirt Engine setup utility

 WARNING: oVirt Engine setup has already been run on this host.
 To remove all configuration and reset oVirt Engine please run
 engine-cleanup.
 Please be advised that executing engine-setup without cleanup is
 not supported.
 Would you like to proceed? (yes|no): yes
 HTTP Port  [80] :
 HTTPS Port  [443] :
 Host fully qualified domain name, note that this name should be
 fully
 resolvable  [vpl2.ozlabs.ibm.com] :
 Password for Administrator (admin@internal) :
 Confirm password :
 Organization Name for the Certificate: ozlabs
 The default storage type you will be using  ['NFS'| 'FC'| 'ISCSI']
  [NFS] :
 Enter DB type for installation ['remote'| 'local']  [local] :
 Local database password :
 Confirm password :
 Should the installer configure NFS share on this server to be used
 as an
 ISO Domain? ['yes'| 'no']  [yes] :
 Local ISO domain path: /data/iso
 Display name for the ISO Domain: local-iso-share
 Firewall ports need to be opened.
 You can let the installer configure iptables automatically
 overriding the
 current configuration. The old configuration will be backed up.
 Alternately you can configure the firewall later using an example
 iptables
 file found under /usr/share/ovirt-engine/conf/iptables.example
 Configure iptables ? ['yes'| 'no']: yes

 oVirt Engine will be installed using the following configuration:
 =
 http-port: 80
 https-port:443
 host-fqdn: vpl2.ozlabs.ibm.com
 auth-pass: 
 org-name:  ozlabs
 default-dc-type:   NFS
 db-remote-install: local
 db-local-pass: 
 nfs-mp:/data/iso
 iso-domain-name:   local-iso-share
 config-nfs:yes
 override-iptables: yes
 Proceed with the configuration listed above? (yes|no): yes

 Installing:
 Configuring oVirt-engine...  [ DONE ]
 Creating CA...   [ DONE ]
 Editing JBoss Configuration...   [ DONE ]
 Setting Database Configuration...[ DONE ]
 Setting Database Security... [ DONE ]
 Creating Database...  [ ERROR ]
 Database creation failed
 Please check log file
 /var/log/ovirt-engine/engine-setup_2012_11_12_16_06_23.log for
 more information

 [root@vpl2 aik]# ps ax|grep postgresql
 13655 pts/2S+ 0:00 grep --color=auto postgresql



 *

 Here is a part of the
 /var/log/ovirt-engine/engine-setup_2012_11_12_16_06_23.log , can
 post the
 whole thing but it is quite big and seems to be irrelevant to the
 issue.


 

[Users] Ovirt 3.1 and Samba4 AD

2012-11-13 Thread Alejandro
I'm triing to use Samba4rc5 like autenticator for Ovirt 3.1.0-3.26

First problem is Ovirt is user usernameprincipal  (login@domain in place of
login) to autenticate with Samba4, But samba4 don't use it.

I use
engine-manage-domains -action=add -domain=DOMAINFQDN -user=LOGIN
-provider=ActiveDirectory -interactive -addPermissions
And the result is:

No user in Directory was found for LOGIN@DOMAINFQDN. Trying next LDAP
server in list
Failure while testing domain DOMAINFQDN. Details: No user information was
found for user


And the Samba4 give me:
filter=((sAMAccountType=805306368)(userPrincipalName=LOGIN@DOMAINFQDN))

But no userPrincipalName is configured in any user.


Actual Solution: I add a userPrincipalName LOGIN@DOMAINFQDN in the LOGIN
account (using a ldap tool) and add the ovirt machine to the domain.

After restart the ovirt engine I go to the UserPortal.

I find now other problem, the user isn't search by the Common Name (cn), a
example of search
filter=((sAMAccountType=805306368)(|(givenname=TESTLOGIN)(sn=TESTLOGIN)(samaccountname=TESTLOGIN)(userPrincipalName=TESTLOGIN)))

must be
filter=((sAMAccountType=805306368)(|(givenname=TESTLOGIN)(cn=TESTLOGIN)(sn=TESTLOGIN)(samaccountname=TESTLOGIN)(userPrincipalName=TESTLOGIN)))


Thanks for all

-- 
Alejandro Escanero Blanco
Consultor de sistemas basados en fuentes abiertas
Desarrollador de FusionDirectory (http://www.fusiondirectory.org)
Blog: http://www.disasterproject.com
Jabber: blain...@jabberes.com
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users


[Users] Install oVirt from source - 2nd test

2012-11-13 Thread Stephen Liu
Hi all,

Have another round to build oVirt from source following;

Building Engine Draft
http://wiki.ovirt.org/wiki/Building_Engine_Draft

OS - Fedora 17 desktop 64bit, fresh and clean installed.

Not much problem encountered up to Installing JBoss AS except follows:

1)
Maven personal settings
==

$ mkdir $HOME/.m2 
$ wget -O $HOME/.m2/settings.xml 
http://wiki.ovirt.org/w/images/1/18/Settings.xml.png

(it should read http://wiki.ovirt.org/w/images/1/18/Settings.xml.png;)
                    (not www)

2)
Check that the application server starts correctly: 

$ cd $JBOSS_HOME/bin
$ ./standalone.sh -b 0.0.0.0
===

  JBoss Bootstrap Environment

  JBOSS_HOME: /home/satimis/jboss-as

  JAVA: java

  JAVA_OPTS:  -server -XX:+UseCompressedOops -XX:+TieredCompilation -Xms64m 
-Xmx512m -XX:MaxPermSize=256m -Djava.net.preferIPv4Stack=true 
-Dorg.jboss.resolver.warning=true -Dsun.rmi.dgc.client.gcInterval=360 
-Dsun.rmi.dgc.server.gcInterval=360 
-Djboss.modules.system.pkgs=org.jboss.byteman -Djava.awt.headless=tr

.

22:14:38,217 INFO  [org.jboss.as] (Controller Boot Thread) JBAS015874: JBoss AS 
7.1.1.Final Brontes started in 6662ms - Started 133 of 208 services (74 
services are passive or on-demand)


It hung here;

Press [Ctrl] + c
it continued to display:

19:49,653 INFO  [org.jboss.as.osgi] (MSC service thread 1-3) JBAS011942: 
Stopping OSGi Framework
22:19:49,701 INFO  [org.jboss.as.logging] JBAS011503: Restored bootstrap log 
handlers
22:19:49,726 INFO  [org.apache.coyote.http11.Http11Protocol] Pausing Coyote 
HTTP/1.1 on http--0.0.0.0-8080
22:19:49,727 INFO  [org.apache.coyote.http11.Http11Protocol] Stopping Coyote 
HTTP/1.1 on http--0.0.0.0-8080
22:19:49,729 INFO  [com.arjuna.ats.jbossatx] ARJUNA032018: Destroying 
TransactionManagerService
22:19:49,730 INFO  [com.arjuna.ats.jbossatx] ARJUNA032014: Stopping transaction 
recovery manager
22:19:49,753 INFO  [org.jboss.as] JBAS015950: JBoss AS 7.1.1.Final Brontes 
stopped in 111ms

Is it normal?  Without problem?

Thanks

B.R.
Stephen L
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users


Re: [Users] Ovirt 3.1 and Samba4 AD

2012-11-13 Thread Alejandro
2012/11/13 Yair Zaslavsky yzasl...@redhat.com

 Hi ALejandro,
 Officially we're not supporting Sambra4rc5, but I talked with Alon Bar-Lev
 (CC'ed) and he explained me Sambra4rc5 is 2003 AD compliant.


Hi Yair
I know it, but is very interesting the idea to avoid Microsoft solutions
and move to OpenSource Enviroment.


 I am not sure why you had to add the cn part, can you elaborate?



I find the problem, isn't the cn, only when the user has a
userPrincipalName is find by ovirt.


Probably will be a problem in migration from samba3 to samba4, will quest
in samba4 technical list.

Thanks



-- 
Alejandro Escanero Blanco
Consultor de sistemas basados en fuentes abiertas
Desarrollador de FusionDirectory (http://www.fusiondirectory.org)
Blog: http://www.disasterproject.com
Jabber: blain...@jabberes.com
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users


Re: [Users] oVirt nightly-11-11 and gluster

2012-11-13 Thread Joop

Balamurugan Arumugam wrote:

Hi,

- Original Message -
  

From: Joop jvdw...@xs4all.nl
To: users@ovirt.org
Sent: Monday, November 12, 2012 5:29:32 PM
Subject: [Users] oVirt nightly-11-11 and gluster

Came across the following error in engine.log after creating a new
gluster
volume.
2012-11-12 12:39:35,264 INFO
[org.ovirt.engine.core.vdsbroker.gluster.GlusterVolumesListVDSCommand]
(QuartzScheduler_Worker-94) START,
GlusterVolumesListVDSCommand(HostName =
st01, HostId = 402f987e-2804-11e2-aa60-78e7d1f4ada5), log id:
33d22dbf
2012-11-12 12:39:35,376 ERROR
[org.ovirt.engine.core.vdsbroker.vdsbroker.VdsBrokerCommand]
(QuartzScheduler_Worker-94) Failed in GlusterVolumesListVDS method,
for
vds: st01; host: st01.nieuwland.nl
2012-11-12 12:39:35,377 ERROR
[org.ovirt.engine.core.vdsbroker.VDSCommandBase]
(QuartzScheduler_Worker-94) Command GlusterVolumesListVDS execution
failed. Exception: NumberFormatException: For input string: 1 x 2 =
2




In case of REPLICATE and STRIPE volume type, we suppose to get integer value in 
brick count.  But I am seeing '1 x 2 = 2'.  This could be a recent change in 
'gluster volume info' output.  Can you send me below details?
1. output of 'rpm -qa | grep glusterfs'
2. output of 'gluster volume info' command

However we are in the process of using xml output 
http://gerrit.ovirt.org/#/c/7951/


  
Found a post of Brian Vetter, 
http://www.mail-archive.com/users@ovirt.org/msg04135.html, I alse did 
the setsebool sanlock_use_nfs on and now I can atleast access the a 
distributed volume.

Next try will be a replicated volume.

This is the part of sanlock.log of today trying to attach Data:

2012-11-13 16:05:30+0100 455673 [1875]: s4 lockspace 
022ef32b-a4a9-4976-9961-cb0564e458fb:250:/rhev/data-center/mnt/st01.nieuwland.nl:_Data/022ef32b-a4a9-4976-9961-cb0564e458fb/dom_md/ids:0
2012-11-13 16:05:30+0100 455673 [10021]: open error -13 
/rhev/data-center/mnt/st01.nieuwland.nl:_Data/022ef32b-a4a9-4976-9961-cb0564e458fb/dom_md/ids
2012-11-13 16:05:30+0100 455673 [10021]: s4 open_disk 
/rhev/data-center/mnt/st01.nieuwland.nl:_Data/022ef32b-a4a9-4976-9961-cb0564e458fb/dom_md/ids 
error -13
2012-11-13 16:27:21+0100 456984 [1874]: s5 lockspace 
022ef32b-a4a9-4976-9961-cb0564e458fb:250:/rhev/data-center/mnt/st01.nieuwland.nl:_Data/022ef32b-a4a9-4976-9961-cb0564e458fb/dom_md/ids:0
2012-11-13 16:27:42+0100 457005 [1875]: s5:r1 resource 
022ef32b-a4a9-4976-9961-cb0564e458fb:SDM:/rhev/data-center/mnt/st01.nieuwland.nl:_Data/022ef32b-a4a9-4976-9961-cb0564e458fb/dom_md/leases:0 
for 3,14,2164
2012-11-13 16:27:48+0100 457011 [1874]: s6 lockspace 
022ef32b-a4a9-4976-9961-cb0564e458fb:1:/rhev/data-center/mnt/st01.nieuwland.nl:_Data/022ef32b-a4a9-4976-9961-cb0564e458fb/dom_md/ids:0 



Joop

___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users


Re: [Users] oVirt nightly-11-11 and gluster

2012-11-13 Thread Joop

Joop wrote:

Balamurugan Arumugam wrote:

Hi,

- Original Message -
  

From: Joop jvdw...@xs4all.nl
To: users@ovirt.org
Sent: Monday, November 12, 2012 5:29:32 PM
Subject: [Users] oVirt nightly-11-11 and gluster

Came across the following error in engine.log after creating a new
gluster
volume.
2012-11-12 12:39:35,264 INFO
[org.ovirt.engine.core.vdsbroker.gluster.GlusterVolumesListVDSCommand]
(QuartzScheduler_Worker-94) START,
GlusterVolumesListVDSCommand(HostName =
st01, HostId = 402f987e-2804-11e2-aa60-78e7d1f4ada5), log id:
33d22dbf
2012-11-12 12:39:35,376 ERROR
[org.ovirt.engine.core.vdsbroker.vdsbroker.VdsBrokerCommand]
(QuartzScheduler_Worker-94) Failed in GlusterVolumesListVDS method,
for
vds: st01; host: st01.nieuwland.nl
2012-11-12 12:39:35,377 ERROR
[org.ovirt.engine.core.vdsbroker.VDSCommandBase]
(QuartzScheduler_Worker-94) Command GlusterVolumesListVDS execution
failed. Exception: NumberFormatException: For input string: 1 x 2 =
2




In case of REPLICATE and STRIPE volume type, we suppose to get integer value in 
brick count.  But I am seeing '1 x 2 = 2'.  This could be a recent change in 
'gluster volume info' output.  Can you send me below details?
1. output of 'rpm -qa | grep glusterfs'
2. output of 'gluster volume info' command

However we are in the process of using xml output 
http://gerrit.ovirt.org/#/c/7951/


  
Found a post of Brian Vetter, 
http://www.mail-archive.com/users@ovirt.org/msg04135.html, I alse did 
the setsebool sanlock_use_nfs on and now I can atleast access the a 
distributed volume.

Next try will be a replicated volume.

To follow up on my post. Using a replicated volume works too ;-)

Joop

___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users


Re: [Users] Second cdrom device

2012-11-13 Thread Cristian Falcas
Hi,

Sorry, but I couldn't find anything related on how to add floppy images to
the virtual machines.

Any pointers on where to look?

Best regards


On Tue, Nov 6, 2012 at 7:37 AM, Itamar Heim ih...@redhat.com wrote:

 On 11/06/2012 12:23 AM, Cristian Falcas wrote:

 Does the floppy image needs to be 1.5MB, or can it take any size?


 i suggest checking :)





 On Tue, Nov 6, 2012 at 1:21 AM, Andrew Cathrow acath...@redhat.com
 mailto:acath...@redhat.com wrote:

 Using a virtual floppy is probably the easiest way and it's well
 supported in the UI and API.


 --**--**
 

 *From: *Cristian Falcas cristi.fal...@gmail.com
 mailto:cristi.falcas@gmail.**com cristi.fal...@gmail.com
 *To: *users@ovirt.org mailto:users@ovirt.org
 *Sent: *Monday, November 5, 2012 6:19:04 PM
 *Subject: *[Users] Second cdrom device



 Hi,

 Can I somehow attach a second cdrom device to a virtual machine?
 I was thinking on adding the virtio drivers for Windows OSs this
 way.

 Best regards,
 Cristian

 __**_
 Users mailing list
 Users@ovirt.org mailto:Users@ovirt.org
 
 http://lists.ovirt.org/**mailman/listinfo/usershttp://lists.ovirt.org/mailman/listinfo/users






 __**_
 Users mailing list
 Users@ovirt.org
 http://lists.ovirt.org/**mailman/listinfo/usershttp://lists.ovirt.org/mailman/listinfo/users




___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users


Re: [Users] Ovirt 3.1 and Samba4 AD

2012-11-13 Thread Charlie
FreeIPA is a microsoft clone solution.  It is an emulator for AD,
much like Samba4 is.  Neither of them is based on Open Standards,
although both are Open Source.  This is a very important distinction.

In our test RHEVM environment, only closed-source, proprietary
Microsoft Active Directory could provide a fully functional user
provisioning interface.  We attempted OpenLDAP, FreeIPA, and Samba4
but after a couple of weeks the bosses got tired of the slow progress,
threw up their hands and told us to just use Microsoft.  This
situation led directly to the replacement of half a dozen production
Red Hat servers with Microsoft Hyper-V hosted Windows servers.
Essentially, this one shortcoming (inability to use OpenLDAP as an AAA
source) ended up driving the abandonment of Open Source in our
enterprise.  We're currently in the process of replacing all our FOSS
infrastructure in DNS, DHCP, NTP, LDAP, etc. with ADS and there's
nothing I can do to stop that.

http://en.wikipedia.org/wiki/For_Want_of_a_Nail_%28proverb%29

It's very unfortunate.  Law of unintended consequences I guess.  I
would like to help oVirt gain compatibility with standards-based
services like OpenLDAP, but the code's in a language I haven't used
and a version control system I haven't used and the wiki has no LDAP
interaction design documents (other than the sources themselves) and
I've got very limited free time, all of which makes it hard to
contribute.

I hope that didn't sound too much like whining.  I don't blame anyone
outside my organization for my organization's bad decisions, I'm just
pointing out that giving your userbase no option other than to
implement proprietary Directory models may have unintended
consequences in the field.  Why spend a lot of money pretending to be
Microsoft when you can be Microsoft for the same or less money?

--Charlie

 I know it, but is very interesting the idea to avoid Microsoft solutions
 and move to OpenSource Enviroment.


 we do support a few other directory solutions (like freeIPA and 389ds).
 389ds needs a kerberos enhancement.


Kerberos should be optional.  Many organizations don't need the extra
complexity, LDAP STARTTLS or LDAPS gives them all the security they
need.
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users


Re: [Users] Ovirt 3.1 and Samba4 AD

2012-11-13 Thread Alon Bar-Lev


- Original Message -
 From: Charlie medieval...@gmail.com
 To: Itamar Heim ih...@redhat.com
 Cc: users users@ovirt.org
 Sent: Tuesday, November 13, 2012 10:40:34 PM
 Subject: Re: [Users] Ovirt 3.1 and Samba4 AD
 
 FreeIPA is a microsoft clone solution.  It is an emulator for AD,
 much like Samba4 is.  Neither of them is based on Open Standards,
 although both are Open Source.  This is a very important distinction.
 
 In our test RHEVM environment, only closed-source, proprietary
 Microsoft Active Directory could provide a fully functional user
 provisioning interface.  We attempted OpenLDAP, FreeIPA, and Samba4
 but after a couple of weeks the bosses got tired of the slow
 progress,
 threw up their hands and told us to just use Microsoft.  This
 situation led directly to the replacement of half a dozen production
 Red Hat servers with Microsoft Hyper-V hosted Windows servers.
 Essentially, this one shortcoming (inability to use OpenLDAP as an
 AAA
 source) ended up driving the abandonment of Open Source in our
 enterprise.  We're currently in the process of replacing all our FOSS
 infrastructure in DNS, DHCP, NTP, LDAP, etc. with ADS and there's
 nothing I can do to stop that.
 
 http://en.wikipedia.org/wiki/For_Want_of_a_Nail_%28proverb%29
 
 It's very unfortunate.  Law of unintended consequences I guess.  I
 would like to help oVirt gain compatibility with standards-based
 services like OpenLDAP, but the code's in a language I haven't used
 and a version control system I haven't used and the wiki has no LDAP
 interaction design documents (other than the sources themselves) and
 I've got very limited free time, all of which makes it hard to
 contribute.
 
 I hope that didn't sound too much like whining.  I don't blame anyone
 outside my organization for my organization's bad decisions, I'm just
 pointing out that giving your userbase no option other than to
 implement proprietary Directory models may have unintended
 consequences in the field.  Why spend a lot of money pretending to be
 Microsoft when you can be Microsoft for the same or less money?

Not at all.
I feel the same, we really need to support openldap without krb and with krb.

Alon.

 --Charlie
 
  I know it, but is very interesting the idea to avoid Microsoft
  solutions
  and move to OpenSource Enviroment.
 
 
  we do support a few other directory solutions (like freeIPA and
  389ds).
  389ds needs a kerberos enhancement.
 
 
 Kerberos should be optional.  Many organizations don't need the extra
 complexity, LDAP STARTTLS or LDAPS gives them all the security they
 need.
 ___
 Users mailing list
 Users@ovirt.org
 http://lists.ovirt.org/mailman/listinfo/users
 
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users


Re: [Users] Ovirt 3.1 and Samba4 AD

2012-11-13 Thread Alejandro
2012/11/13 Yair Zaslavsky yzasl...@redhat.com

 There is a reason why we query for userPrincipalName so it has to include
 this information.


From
http://theessentialexchange.com/blogs/michael/archive/2007/11/13/the-user-principle-name-and-you.aspx
:

The user principal name is not a required attribute (that is, Active
Directory does not require it to be set). The new user wizard in ADUC
makes you set it - but you can go in and delete it from the Account
Properties page later, and when you are creating users programmatically
(such as via scripting), it doesn't need to be specified at all.

Which is the reason to make searchs with a not required attribute?

Thanks


-- 
Alejandro Escanero Blanco
Consultor de sistemas basados en fuentes abiertas
Desarrollador de FusionDirectory (http://www.fusiondirectory.org)
Blog: http://www.disasterproject.com
Jabber: blain...@jabberes.com
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users


Re: [Users] Ovirt 3.1 and Samba4 AD

2012-11-13 Thread Yair Zaslavsky


- Original Message -
 From: Alon Bar-Lev alo...@redhat.com
 To: Charlie medieval...@gmail.com
 Cc: users users@ovirt.org
 Sent: Tuesday, November 13, 2012 10:46:37 PM
 Subject: Re: [Users] Ovirt 3.1 and Samba4 AD
 
 
 
 - Original Message -
  From: Charlie medieval...@gmail.com
  To: Itamar Heim ih...@redhat.com
  Cc: users users@ovirt.org
  Sent: Tuesday, November 13, 2012 10:40:34 PM
  Subject: Re: [Users] Ovirt 3.1 and Samba4 AD
  
  FreeIPA is a microsoft clone solution.  It is an emulator for AD,
  much like Samba4 is.  Neither of them is based on Open Standards,
  although both are Open Source.  This is a very important
  distinction.
  
  In our test RHEVM environment, only closed-source, proprietary
  Microsoft Active Directory could provide a fully functional user
  provisioning interface.  We attempted OpenLDAP, FreeIPA, and Samba4
  but after a couple of weeks the bosses got tired of the slow
  progress,
  threw up their hands and told us to just use Microsoft.  This
  situation led directly to the replacement of half a dozen
  production
  Red Hat servers with Microsoft Hyper-V hosted Windows servers.
  Essentially, this one shortcoming (inability to use OpenLDAP as an
  AAA
  source) ended up driving the abandonment of Open Source in our
  enterprise.  We're currently in the process of replacing all our
  FOSS
  infrastructure in DNS, DHCP, NTP, LDAP, etc. with ADS and there's
  nothing I can do to stop that.
  
  http://en.wikipedia.org/wiki/For_Want_of_a_Nail_%28proverb%29
  
  It's very unfortunate.  Law of unintended consequences I guess.  I
  would like to help oVirt gain compatibility with standards-based
  services like OpenLDAP, but the code's in a language I haven't used
  and a version control system I haven't used and the wiki has no
  LDAP
  interaction design documents (other than the sources themselves)
  and
  I've got very limited free time, all of which makes it hard to
  contribute.
  
  I hope that didn't sound too much like whining.  I don't blame
  anyone
  outside my organization for my organization's bad decisions, I'm
  just
  pointing out that giving your userbase no option other than to
  implement proprietary Directory models may have unintended
  consequences in the field.  Why spend a lot of money pretending to
  be
  Microsoft when you can be Microsoft for the same or less money?
 
 Not at all.
 I feel the same, we really need to support openldap without krb and
 with krb.

+10 here (not to say we really need to extract all our query/attribute mapping 
logic in such way we can further ease integration with new ldap proiders).

 
 Alon.
 
  --Charlie
  
   I know it, but is very interesting the idea to avoid Microsoft
   solutions
   and move to OpenSource Enviroment.
  
  
   we do support a few other directory solutions (like freeIPA and
   389ds).
   389ds needs a kerberos enhancement.
  
  
  Kerberos should be optional.  Many organizations don't need the
  extra
  complexity, LDAP STARTTLS or LDAPS gives them all the security they
  need.
  ___
  Users mailing list
  Users@ovirt.org
  http://lists.ovirt.org/mailman/listinfo/users
  
 ___
 Users mailing list
 Users@ovirt.org
 http://lists.ovirt.org/mailman/listinfo/users
 
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users


Re: [Users] Second cdrom device

2012-11-13 Thread Itamar Heim

On 11/13/2012 10:27 PM, Cristian Falcas wrote:

Hi,

Sorry, but I couldn't find anything related on how to add floppy images
to the virtual machines.

Any pointers on where to look?


stand on a VM and click run-once, under boot options



Best regards


On Tue, Nov 6, 2012 at 7:37 AM, Itamar Heim ih...@redhat.com
mailto:ih...@redhat.com wrote:

On 11/06/2012 12:23 AM, Cristian Falcas wrote:

Does the floppy image needs to be 1.5MB, or can it take any size?


i suggest checking :)





On Tue, Nov 6, 2012 at 1:21 AM, Andrew Cathrow
acath...@redhat.com mailto:acath...@redhat.com
mailto:acath...@redhat.com mailto:acath...@redhat.com wrote:

 Using a virtual floppy is probably the easiest way and it's
well
 supported in the UI and API.




--__--__

 *From: *Cristian Falcas cristi.fal...@gmail.com
mailto:cristi.fal...@gmail.com
 mailto:cristi.falcas@gmail.__com
mailto:cristi.fal...@gmail.com
 *To: *users@ovirt.org mailto:users@ovirt.org
mailto:users@ovirt.org mailto:users@ovirt.org
 *Sent: *Monday, November 5, 2012 6:19:04 PM
 *Subject: *[Users] Second cdrom device



 Hi,

 Can I somehow attach a second cdrom device to a virtual
machine?
 I was thinking on adding the virtio drivers for Windows
OSs this
 way.

 Best regards,
 Cristian

 _
 Users mailing list
Users@ovirt.org mailto:Users@ovirt.org mailto:Users@ovirt.org
mailto:Users@ovirt.org
http://lists.ovirt.org/__mailman/listinfo/users
http://lists.ovirt.org/mailman/listinfo/users






_
Users mailing list
Users@ovirt.org mailto:Users@ovirt.org
http://lists.ovirt.org/__mailman/listinfo/users
http://lists.ovirt.org/mailman/listinfo/users







___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users