[ovirt-users] active directory: how to replace u...@corp.mydomain.com with u...@mydomain.com

2019-04-16 Thread Jarosław Prokopowski
I configured active directory authentication but the problem is I need to replace u...@corp.mydomain.com with u...@mydomain.com to be able to authenticate. ovirt-engine-extension-aaa-misc has been installed and I configured it as shown below but still it is not working. Do you have any idea

Re: [ovirt-users] active directory and sso

2018-02-04 Thread 董青龙
Here are the engine logs: 2018-02-05 14:53:53,681+08 INFO [org.ovirt.engine.core.sso.utils.AuthenticationUtils] (default task-38) [] User t...@test.org successfully logged in with scopes: ovirt-app-admin ovirt-app-api ovirt-app-portal ovirt-ext=auth:sequence-priority=~

Re: [ovirt-users] active directory and sso

2018-02-01 Thread Martin Perina
On Fri, Feb 2, 2018 at 4:46 AM, 董青龙 wrote: > Thanks for the reply. I have completely configured all the things in > option 1 which you told. But it seems that sso still does not work. My > domain forest is "test.org" and my user is "test". When I login the user > portal, I get

Re: [ovirt-users] active directory and sso

2018-02-01 Thread 董青龙
Thanks for the reply. I have completely configured all the things in option 1 which you told. But it seems that sso still does not work. My domain forest is "test.org" and my user is "test". When I login the user portal, I get "t...@test.org@test.org" int the top right corner. Should it be

[ovirt-users] active directory and sso

2018-02-01 Thread 董青龙
Hi, all I am trying to make SSO working with windows7 vm in an ovirt 4.1 environment. Ovirt-guest-agent has been installed in windows7 vm. I have an active directory server of windows2012 and I have configured the engine using "ovirt-engine-extension-aaa-ldap-setup" successfully. The

Re: [ovirt-users] Active Directory authentication setup

2017-07-17 Thread Todd Punderson
! From: users-boun...@ovirt.org <users-boun...@ovirt.org> on behalf of Todd Punderson <t...@doonga.org> Sent: Monday, July 17, 2017 9:05:12 AM To: Ondra Machacek Cc: users@ovirt.org Subject: Re: [ovirt-users] Active Directory authentication setup Hi, Agreed on the

Re: [ovirt-users] Active Directory authentication setup

2017-07-17 Thread Ondra Machacek
This is most probably certificate issue. Can you please share output of following command: $ ldapsearch -d 1 -H ldaps://DC3.home.doonga.org -x -s base -b '' And also the output of following command: $ openssl x509 -in /path/to/your/active_diretory_ca.pem -text -noout Are you sure you added

[ovirt-users] Active Directory authentication setup

2017-07-15 Thread Todd Punderson
Hi, I've been pulling my hair out over this one. Here's the output of ovirt-engine-extension-aaa-ldap-setup. Everything works fine if I use "plain" but I don't really want to do that. I searched the error that's shown below and tried several different "fixes" but none of them

Re: [ovirt-users] active directory

2017-06-08 Thread qinglong.d...@horebdata.cn
It worked. Thanks! From: Ondra Machacek Date: 2017-06-08 14:45 To: qinglong.d...@horebdata.cn CC: Latcho; users Subject: Re: Re: [ovirt-users] active directory If you are using Active Directory you most probably don't use Anonymous bind. The question: Enter search user DN

Re: [ovirt-users] active directory

2017-06-08 Thread Ondra Machacek
nexpected comma > or semicolon found at the end of the DN string. > 2017-06-08 11:26:09,703+08 SEVERE Unexpected comma or semicolon > found at the end of the DN string. > [ ERROR ] Login sequence failed > Please investigate details of the failure (search for lines >

Re: [ovirt-users] active directory

2017-06-07 Thread qinglong.d...@horebdata.cn
ng SEVERE log level). Select test sequence to execute (Done, Abort, Login, Search) [Abort]: From: Ondra Machacek Date: 2017-06-07 14:47 To: qinglong.d...@horebdata.cn CC: users Subject: Re: [ovirt-users] active directory Or you can try the migration tool: https://github.com/oVirt/ovirt-en

Re: [ovirt-users] active directory

2017-06-07 Thread Ondra Machacek
t.org/pipermail/users/2016-September/042937.html > > > > Best, > > Latcho > > > > > > From: users-boun...@ovirt.org [mailto:users-boun...@ovirt.org] On Behalf Of > qinglong.d...@horebdata.cn > Sent: Wednesday, June 07, 2017 4:57 AM > To: users > Subje

Re: [ovirt-users] active directory

2017-06-07 Thread Latchezar Filtchev
This can help you: http://lists.ovirt.org/pipermail/users/2016-September/042937.html Best, Latcho From: users-boun...@ovirt.org [mailto:users-boun...@ovirt.org] On Behalf Of qinglong.d...@horebdata.cn Sent: Wednesday, June 07, 2017 4:57 AM To: users Subject: [ovirt-users] active directory Hi

[ovirt-users] active directory

2017-06-06 Thread qinglong.d...@horebdata.cn
Hi all, I used "engine-manage-domains" to add AD to ovirt in earlier version. What should I do in ovirt 4.1? Hope someone can help. Thanks! ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] Active Directory domain authorization in oVirt Hosted Engine guest OS

2016-10-20 Thread aleksey . maksimov
Thank You for the advice, Karli Problem solved here: https://lists.fedorahosted.org/archives/list/sssd-us...@lists.fedorahosted.org/thread/NDBFLJ774A2TUWC65CHRQ5XVL3DGVMQR/ Again sorry for offtopic 19.10.2016, 15:23, "Karli Sjöberg" : > On Wed, 2016-10-19 at 13:48 +0300,

Re: [ovirt-users] Active Directory domain authorization in oVirt Hosted Engine guest OS

2016-10-19 Thread Karli Sjöberg
On Wed, 2016-10-19 at 13:48 +0300, aleksey.maksi...@it-kb.ru wrote: > Hello oVirt guru`s! > > I'm sorry for possible offtopic, but I do not know where to seek > help. > > I want to set up Active Directory domain authorization in oVirt > Hosted Engine guest OS. > > For this I use SSSD as

[ovirt-users] Active Directory domain authorization in oVirt Hosted Engine guest OS

2016-10-19 Thread aleksey . maksimov
Hello oVirt guru`s! I'm sorry for possible offtopic, but I do not know where to seek help. I want to set up Active Directory domain authorization in oVirt Hosted Engine guest OS. For this I use SSSD as described here:

Re: [ovirt-users] Active Directory (LDAP) user auth is slow

2016-03-24 Thread Karli Sjöberg
Sorry about the thread-breakage, OWA... Från: Ondra Machacek <omach...@redhat.com> Skickat: den 24 mars 2016 15:08 Till: Karli Sjöberg Kopia: Martin Perina; Will Dennis; users Ämne: Re: [ovirt-users] Active Directory (LDAP) user auth is slow On 03/2

Re: [ovirt-users] Active Directory (LDAP) user auth is slow

2016-03-24 Thread Will Dennis
No worries... I only had a few VMs to re-assign, so I did it manually... -Original Message- From: Karli Sjöberg [mailto:karli.sjob...@slu.se] Sent: Thursday, March 24, 2016 11:13 AM To: Ondra Machacek Cc: Martin Perina; Will Dennis; users Subject: SV: [ovirt-users] Active Directory

Re: [ovirt-users] Active Directory (LDAP) user auth is slow

2016-03-24 Thread Karli Sjöberg
Den 24 mars 2016 3:06 em skrev Ondra Machacek : > > On 03/24/2016 03:02 PM, Karli Sjöberg wrote: > > > > Den 24 mars 2016 13:49 skrev Ondra Machacek : > > > > > > Hi, > > > > > > if you remove user, then also permissions of that user to vms will be >

Re: [ovirt-users] Active Directory (LDAP) user auth is slow

2016-03-24 Thread Karli Sjöberg
Den 24 mars 2016 13:49 skrev Ondra Machacek : > > Hi, > > if you remove user, then also permissions of that user to vms will be > removed. > And yes, you will have to add all those permissions back to users from > new profile. > > But, you can try migration tool[1], to

Re: [ovirt-users] Active Directory (LDAP) user auth is slow

2016-03-24 Thread Ondra Machacek
On 03/24/2016 03:02 PM, Karli Sjöberg wrote: Den 24 mars 2016 13:49 skrev Ondra Machacek : > > Hi, > > if you remove user, then also permissions of that user to vms will be > removed. > And yes, you will have to add all those permissions back to users from > new

Re: [ovirt-users] Active Directory (LDAP) user auth is slow

2016-03-24 Thread Ondra Machacek
Hi, if you remove user, then also permissions of that user to vms will be removed. And yes, you will have to add all those permissions back to users from new profile. But, you can try migration tool[1], to migrate all users to new AAA profile. If you have any problem with it, you can ask.

Re: [ovirt-users] Active Directory (LDAP) user auth is slow

2016-03-24 Thread Will Dennis
In the RHEV Admin Guide that Martin mentioned, it says: "Log in to the Administration Portal, and remove all users and groups related to the old profile. Users defined in the removed domain will no longer be able to authenticate with the Red Hat Enterprise Virtualization Manager. The entries

Re: [ovirt-users] Active Directory (LDAP) user auth is slow

2016-03-21 Thread Martin Perina
On Mon, Mar 21, 2016 at 8:20 AM, Yedidyah Bar David wrote: > On Mon, Mar 21, 2016 at 4:47 AM, Will Dennis wrote: > > Hi all, > > > > I have enabled Active Directory authentication for the users in oVirt > (via engine-manage-domains command using

Re: [ovirt-users] Active Directory (LDAP) user auth is slow

2016-03-21 Thread Yedidyah Bar David
On Mon, Mar 21, 2016 at 4:47 AM, Will Dennis wrote: > Hi all, > > I have enabled Active Directory authentication for the users in oVirt (via > engine-manage-domains command using --provider=ad) and, although it works, it > takes about ~50 sec’s to process a login. I have

[ovirt-users] Active Directory (LDAP) user auth is slow

2016-03-20 Thread Will Dennis
Hi all, I have enabled Active Directory authentication for the users in oVirt (via engine-manage-domains command using --provider=ad) and, although it works, it takes about ~50 sec’s to process a login. I have other OSS software that utilizes AD auth, and there is no such lag when processing