Thanks Martin,
Not really, my initial attempts were held up because I
got confused with the new usrname format which is now UPN@domain and now
equated to name@domain@domain or name@subdomain.domain@domain.
It may be easier for us to add permissions to the templates,VM, and disks or to
use the roles service to find the user/object.
Regards,
Paul S.
From: Martin Perina
Sent: 08 July 2018 12:31
To: Staniforth, Paul
Cc: users; Ondra Machacek
Subject: Re: [ovirt-users] change from LDAP to AD authentication
On Thu, Jul 5, 2018 at 12:36 PM,
mailto:p.stanifo...@leedsbeckett.ac.uk>> wrote:
Hello,
as part of our policy I have to change from LDAP to Active Directory
for authentication in our oVirt system.
?Hmm, do I understand that correctly that you were moving oVirt users from some
other LDAP server to AD? Any reason other than political to do that?
?
I have managed to configure a test system that allows users to login using the
CN (sAMAccountName) as before. The users in the system using the AD namespace
are using their UPN for their user name.
Do we have to copy permissions from all the old accounts to their new accounts
or is there a way to rename them to the UPN retaining there old permissions?
?I don't think there is any other way than to copy permissions. But you can
automate the process using for example
ovirt_permissions/ovirt_permissions?_facts Ansible modules [1] or one of our
SDKs (Python, Java, Ruby).
Martin
[1]
https://docs.ansible.com/ansible/latest/modules/list_of_cloud_modules.html#ovirt
Thanks,
Paul S.
___
Users mailing list -- users@ovirt.org<mailto:users@ovirt.org>
To unsubscribe send an email to
users-le...@ovirt.org<mailto:users-le...@ovirt.org>
Privacy Statement: https://www.ovirt.org/site/privacy-policy/
oVirt Code of Conduct:
https://www.ovirt.org/community/about/community-guidelines/
List Archives:
https://lists.ovirt.org/archives/list/users@ovirt.org/message/3W3UAU3G3V53E7GT4CKT2MIH3GAFZ4DU/
--
Martin Perina
Associate Manager, Software Engineering
Red Hat Czech s.r.o.
To view the terms under which this email is distributed, please go to:-
http://disclaimer.leedsbeckett.ac.uk/disclaimer/disclaimer.html
___
Users mailing list -- users@ovirt.org
To unsubscribe send an email to users-le...@ovirt.org
Privacy Statement: https://www.ovirt.org/site/privacy-policy/
oVirt Code of Conduct:
https://www.ovirt.org/community/about/community-guidelines/
List Archives:
https://lists.ovirt.org/archives/list/users@ovirt.org/message/PVYRJMD3JVVBS5BQNBZZ6VGETAH2HZNZ/