[ovirt-users] Re: ldaps-config

2020-02-27 Thread Lucie Leistnerova 


On 2/27/20 5:04 PM, Budur Nagaraju wrote:
Am using ldaps not starttls,  when i do dig able to resolve the,  not 
sure where exactly doing mistake.


I don't understand. So what dig command of the SRV did you use and what 
it returns?
And why you have in one error _ldaps._tcp.psecure.net 
 and another _ldaps._tcp.abc.net 
?


Please, also send the settings from /etc/ovirt-engine/aaa/ and engine log.

Using 4.3 version.

Thanks,
Nagaraju

On Thu, Feb 27, 2020, 9:22 PM Lucie Leistnerova > wrote:


Hi, I've checked again the options in the aaa tool.

On 2/27/20 4:20 PM, Budur Nagaraju wrote:

can some one help me on the issue ? badly stuck on this have not
got any pointer on fix .

An error occurred while attempting to query DNS in order to
retrieve SRV records with name '_ldaps._tcp.abc.net
': NameNotFoundException(DNS name not
found [response code 3]), ldapSDKVersion=4.0.7,
revision=b28fb50058dfe2864171df2448ad2ad2b4c2ad58


It seems your DNS is not configured to resolve ldap servers.
Please disable DNS and use direct fqdn/ip of the server or
configure the DNS SRV record.

From the documentation:
Press *Enter* to accept the default and configure domain name
resolution for your LDAP server name:

|It is highly recommended to use DNS resolution for LDAP server.
If for some reason you intend to use hosts or plain address
disable DNS usage. Use DNS (Yes, No) [Yes]: |||

||

||


Thanks,
Nagaraju


On Thu, Feb 27, 2020 at 8:48 PM Budur Nagaraju mailto:nbud...@gmail.com>> wrote:

Hi Lucie,

Can you please help me on this issue? am using ldaps for the
configuration.

Thanks,
Nagaraju


On Thu, Feb 27, 2020 at 4:00 PM Budur Nagaraju
mailto:nbud...@gmail.com>> wrote:

Hi Lucie,

Have tried the option but when trying to logon from the
browser getting the below error.
Any tweaks can be made ?


An error occurred while attempting to query DNS in order
to retrieve SRV records with name
'_ldaps._tcp.psecure.net ':
NameNotFoundException(DNS name not found [response code
3]), ldapSDKVersion=4.0.7,
revision=b28fb50058dfe2864171df2448ad2ad2b4c2ad58

Thanks,
Nagaraju



On Thu, Feb 27, 2020 at 3:51 PM Lucie Leistnerova
mailto:lleis...@redhat.com>> wrote:

Hi Budur,

or just use the tool for it - Configuring an External
LDAP Provider

https://www.ovirt.org/documentation/admin-guide/chap-Users_and_Roles.html

Best regards,

Lucie

On 2/27/20 9:32 AM, Eduardo Mayoral wrote:


Should be as simple as this:


[root@ovirt-hc0 ~]# cat
/etc/ovirt-engine/aaa//activedirectory/.properties
include = 

vars.domain = XX
vars.user = YYY
vars.password = Z

*pool.default.ssl.startTLS = true**
**pool.default.ssl.startTLSProtocol = TLSv1.2*

pool.default.auth.simple.bindDN = ${global:vars.user}
pool.default.auth.simple.password =
${global:vars.password}
pool.default.serverset.type = srvrecord
pool.default.serverset.srvrecord.domain =
${global:vars.domain}



Just remember to trust the certificate authority for
the ldaps certificate in the ovirt engine server.


https://stackoverflow.com/questions/37043442/how-to-add-certificate-authority-file-in-centos-7


On 27/2/20 4:42, Budur Nagaraju wrote:

Hi

Can someone help me in configuring ldaps in oVirt
Engine 4.x ?

Thanks,
Nagaraju


___
Users mailing list --users@ovirt.org  
To unsubscribe send an email tousers-le...@ovirt.org  

Privacy Statement:https://www.ovirt.org/site/privacy-policy/
oVirt Code of 
Conduct:https://www.ovirt.org/community/about/community-guidelines/
List 
Archives:https://lists.ovirt.org/archives/list/users@ovirt.org/message/P6QHPSFZLOZ6EZEVFQPBNII37PNIATU3/
-- 
Eduardo Mayoral Jimeno

Systems engineer, platform department. Arsys Internet.
emayo...@arsys.es    - +34 941 620 
105 - ext 2153

___

[ovirt-users] Re: ldaps-config

2020-02-27 Thread eevans 
I log my Linux machines into my domain using the infor provided by Red Hat:

https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/system_administrators_guide/ch-file_and_print_servers#setting_up_samba_as_a_domain_member

 

I can login to ovirt or the other nodes without adding ldap or any special 
plugins. 

You can assign machines using AD authentication for either a specific user or 
group. 

 

When I login to the Ovirt or node consoles, it logs me in automatically as my 
domain user. I think adding the permissions to the AD users would be 
sufficient, but I have not tested this at all. 

Just passing along some information that I hope helps someone.

 

If you have any questions, I will do my best to answer them.

 

Eric Evans

Digital Data Services LLC.

304.660.9080



 

From: Lucie Leistnerova  
Sent: Thursday, February 27, 2020 10:52 AM
To: Budur Nagaraju ; users 
Subject: [ovirt-users] Re: ldaps-config

 

Hi, I've checked again the options in the aaa tool.

On 2/27/20 4:20 PM, Budur Nagaraju wrote:

can some one help me on the issue ? badly stuck on this have not got any 
pointer on fix .

 

An error occurred while attempting to query DNS in order to retrieve SRV 
records with name '_ldaps._tcp.abc.net <http://tcp.psecure.net> ': 
NameNotFoundException(DNS name not found [response code 3]), 
ldapSDKVersion=4.0.7, revision=b28fb50058dfe2864171df2448ad2ad2b4c2ad58 

 

It seems your DNS is not configured to resolve ldap servers. Please disable DNS 
and use direct fqdn/ip of the server or configure the DNS SRV record.

>From the documentation:
Press Enter to accept the default and configure domain name resolution for your 
LDAP server name: 

 It is highly recommended to use DNS resolution for LDAP server.
 If for some reason you intend to use hosts or plain address disable DNS usage.
 Use DNS (Yes, No) [Yes]:
 
 

 

Thanks,

Nagaraju

 

 

On Thu, Feb 27, 2020 at 8:48 PM Budur Nagaraju mailto:nbud...@gmail.com> > wrote:

Hi Lucie,

 

Can you please help me on this issue? am using ldaps for the configuration.

 

Thanks,

Nagaraju

 

 

On Thu, Feb 27, 2020 at 4:00 PM Budur Nagaraju mailto:nbud...@gmail.com> > wrote:

Hi Lucie,

 

Have tried the option but when trying to logon from the browser getting the 
below error.

Any tweaks can be made ?

 

 

An error occurred while attempting to query DNS in order to retrieve SRV 
records with name '_ldaps._tcp.psecure.net <http://tcp.psecure.net> ': 
NameNotFoundException(DNS name not found [response code 3]), 
ldapSDKVersion=4.0.7, revision=b28fb50058dfe2864171df2448ad2ad2b4c2ad58 

 

Thanks,

Nagaraju

 

 

 

On Thu, Feb 27, 2020 at 3:51 PM Lucie Leistnerova mailto:lleis...@redhat.com> > wrote:

Hi Budur,

or just use the tool for it - Configuring an External LDAP Provider
https://www.ovirt.org/documentation/admin-guide/chap-Users_and_Roles.html

Best regards,

Lucie

On 2/27/20 9:32 AM, Eduardo Mayoral wrote:

Should be as simple as this:

 

[root@ovirt-hc0 ~]# cat /etc/ovirt-engine/aaa/activedirectory.properties
include = 

vars.domain = XX
vars.user = YYY
vars.password = Z

pool.default.ssl.startTLS = true
pool.default.ssl.startTLSProtocol = TLSv1.2

pool.default.auth.simple.bindDN = ${global:vars.user}
pool.default.auth.simple.password = ${global:vars.password}
pool.default.serverset.type = srvrecord
pool.default.serverset.srvrecord.domain = ${global:vars.domain}

 

 

Just remember to trust the certificate authority for the ldaps certificate in 
the ovirt engine server.

https://stackoverflow.com/questions/37043442/how-to-add-certificate-authority-file-in-centos-7

 

On 27/2/20 4:42, Budur Nagaraju wrote:

Hi 

 

Can someone help me in configuring ldaps in oVirt Engine 4.x ?

 

Thanks,

Nagaraju

 





___
Users mailing list -- users@ovirt.org <mailto:users@ovirt.org> 
To unsubscribe send an email to users-le...@ovirt.org 
<mailto:users-le...@ovirt.org> 
Privacy Statement: https://www.ovirt.org/site/privacy-policy/
oVirt Code of Conduct: 
https://www.ovirt.org/community/about/community-guidelines/
List Archives: 
https://lists.ovirt.org/archives/list/users@ovirt.org/message/P6QHPSFZLOZ6EZEVFQPBNII37PNIATU3/

-- 
Eduardo Mayoral Jimeno
Systems engineer, platform department. Arsys Internet.
emayo...@arsys.es <mailto:emayo...@arsys.es>  - +34 941 620 105 - ext 2153





___
Users mailing list -- users@ovirt.org <mailto:users@ovirt.org> 
To unsubscribe send an email to users-le...@ovirt.org 
<mailto:users-le...@ovirt.org> 
Privacy Statement: https://www.ovirt.org/site/privacy-policy/
oVirt Code of Conduct: 
https://www.ovirt.org/community/about/community-guidelines/
List Archives: 
https://lists.ovirt.org/archives/list/users@ovirt.org/message/ADWCGNS353CUN3CIHFBZDUWAXRHL66JB/

-- 
Lucie Leistnerova
Senior Quality Engineer, QE Cloud, RHVM

[ovirt-users] Re: ldaps-config

2020-02-27 Thread Budur Nagaraju 
Am using ldaps not starttls,  when i do dig able to resolve the,  not sure
where exactly doing mistake.

Using 4.3 version.

Thanks,
Nagaraju

On Thu, Feb 27, 2020, 9:22 PM Lucie Leistnerova  wrote:

> Hi, I've checked again the options in the aaa tool.
> On 2/27/20 4:20 PM, Budur Nagaraju wrote:
>
> can some one help me on the issue ? badly stuck on this have not got any
> pointer on fix .
>
> An error occurred while attempting to query DNS in order to retrieve SRV
> records with name '_ldaps._tcp.abc.net ':
> NameNotFoundException(DNS name not found [response code 3]),
> ldapSDKVersion=4.0.7, revision=b28fb50058dfe2864171df2448ad2ad2b4c2ad58
>
> It seems your DNS is not configured to resolve ldap servers. Please
> disable DNS and use direct fqdn/ip of the server or configure the DNS SRV
> record.
> From the documentation:
> Press *Enter* to accept the default and configure domain name resolution
> for your LDAP server name:
>
>  It is highly recommended to use DNS resolution for LDAP server.
>  If for some reason you intend to use hosts or plain address disable DNS 
> usage.
>  Use DNS (Yes, No) [Yes]:
>
>
>
> Thanks,
> Nagaraju
>
>
> On Thu, Feb 27, 2020 at 8:48 PM Budur Nagaraju  wrote:
>
>> Hi Lucie,
>>
>> Can you please help me on this issue? am using ldaps for the
>> configuration.
>>
>> Thanks,
>> Nagaraju
>>
>>
>> On Thu, Feb 27, 2020 at 4:00 PM Budur Nagaraju  wrote:
>>
>>> Hi Lucie,
>>>
>>> Have tried the option but when trying to logon from the browser getting
>>> the below error.
>>> Any tweaks can be made ?
>>>
>>>
>>> An error occurred while attempting to query DNS in order to retrieve SRV
>>> records with name '_ldaps._tcp.psecure.net': NameNotFoundException(DNS
>>> name not found [response code 3]), ldapSDKVersion=4.0.7,
>>> revision=b28fb50058dfe2864171df2448ad2ad2b4c2ad58
>>>
>>> Thanks,
>>> Nagaraju
>>>
>>>
>>>
>>> On Thu, Feb 27, 2020 at 3:51 PM Lucie Leistnerova 
>>> wrote:
>>>
 Hi Budur,

 or just use the tool for it - Configuring an External LDAP Provider

 https://www.ovirt.org/documentation/admin-guide/chap-Users_and_Roles.html

 Best regards,

 Lucie
 On 2/27/20 9:32 AM, Eduardo Mayoral wrote:

 Should be as simple as this:


 [root@ovirt-hc0 ~]# cat /etc/ovirt-engine/aaa/*activedirectory*
 .properties
 include = 

 vars.domain = XX
 vars.user = YYY
 vars.password = Z

 *pool.default.ssl.startTLS = true*
 *pool.default.ssl.startTLSProtocol = TLSv1.2*

 pool.default.auth.simple.bindDN = ${global:vars.user}
 pool.default.auth.simple.password = ${global:vars.password}
 pool.default.serverset.type = srvrecord
 pool.default.serverset.srvrecord.domain = ${global:vars.domain}



 Just remember to trust the certificate authority for the ldaps
 certificate in the ovirt engine server.


 https://stackoverflow.com/questions/37043442/how-to-add-certificate-authority-file-in-centos-7


 On 27/2/20 4:42, Budur Nagaraju wrote:

 Hi

 Can someone help me in configuring ldaps in oVirt Engine 4.x ?

 Thanks,
 Nagaraju


 ___
 Users mailing list -- users@ovirt.org
 To unsubscribe send an email to users-le...@ovirt.org
 Privacy Statement: https://www.ovirt.org/site/privacy-policy/
 oVirt Code of Conduct: 
 https://www.ovirt.org/community/about/community-guidelines/
 List Archives: 
 https://lists.ovirt.org/archives/list/users@ovirt.org/message/P6QHPSFZLOZ6EZEVFQPBNII37PNIATU3/

 --
 Eduardo Mayoral Jimeno
 Systems engineer, platform department. Arsys internet.emayo...@arsys.es - 
 +34 941 620 105 - ext 2153


 ___
 Users mailing list -- users@ovirt.org
 To unsubscribe send an email to users-le...@ovirt.org
 Privacy Statement: https://www.ovirt.org/site/privacy-policy/
 oVirt Code of Conduct: 
 https://www.ovirt.org/community/about/community-guidelines/
 List Archives: 
 https://lists.ovirt.org/archives/list/users@ovirt.org/message/ADWCGNS353CUN3CIHFBZDUWAXRHL66JB/

 --
 Lucie Leistnerova
 Senior Quality Engineer, QE Cloud, RHVM
 Red Hat EMEA

 IRC: lleistne @ #rhev-qe

 --
> Lucie Leistnerova
> Senior Quality Engineer, QE Cloud, RHVM
> Red Hat EMEA
>
> IRC: lleistne @ #rhev-qe
>
>
___
Users mailing list -- users@ovirt.org
To unsubscribe send an email to users-le...@ovirt.org
Privacy Statement: https://www.ovirt.org/site/privacy-policy/
oVirt Code of Conduct: 
https://www.ovirt.org/community/about/community-guidelines/
List Archives: 
https://lists.ovirt.org/archives/list/users@ovirt.org/message/5HSGNX5PUQHB4DFKSK4BWJ7GGAEVXGGD/

[ovirt-users] Re: ldaps-config

2020-02-27 Thread Lucie Leistnerova 

Hi, I've checked again the options in the aaa tool.

On 2/27/20 4:20 PM, Budur Nagaraju wrote:
can some one help me on the issue ? badly stuck on this have not got 
any pointer on fix .


An error occurred while attempting to query DNS in order to retrieve 
SRV records with name '_ldaps._tcp.abc.net ': 
NameNotFoundException(DNS name not found [response code 3]), 
ldapSDKVersion=4.0.7, revision=b28fb50058dfe2864171df2448ad2ad2b4c2ad58


It seems your DNS is not configured to resolve ldap servers. Please 
disable DNS and use direct fqdn/ip of the server or configure the DNS 
SRV record.


From the documentation:
Press *Enter* to accept the default and configure domain name resolution 
for your LDAP server name:


|It is highly recommended to use DNS resolution for LDAP server. If for 
some reason you intend to use hosts or plain address disable DNS usage. 
Use DNS (Yes, No) [Yes]: |||


||

||


Thanks,
Nagaraju


On Thu, Feb 27, 2020 at 8:48 PM Budur Nagaraju > wrote:


Hi Lucie,

Can you please help me on this issue? am using ldaps for the
configuration.

Thanks,
Nagaraju


On Thu, Feb 27, 2020 at 4:00 PM Budur Nagaraju mailto:nbud...@gmail.com>> wrote:

Hi Lucie,

Have tried the option but when trying to logon from the
browser getting the below error.
Any tweaks can be made ?


An error occurred while attempting to query DNS in order to
retrieve SRV records with name '_ldaps._tcp.psecure.net
': NameNotFoundException(DNS name not
found [response code 3]), ldapSDKVersion=4.0.7,
revision=b28fb50058dfe2864171df2448ad2ad2b4c2ad58

Thanks,
Nagaraju



On Thu, Feb 27, 2020 at 3:51 PM Lucie Leistnerova
mailto:lleis...@redhat.com>> wrote:

Hi Budur,

or just use the tool for it - Configuring an External LDAP
Provider

https://www.ovirt.org/documentation/admin-guide/chap-Users_and_Roles.html

Best regards,

Lucie

On 2/27/20 9:32 AM, Eduardo Mayoral wrote:


Should be as simple as this:


[root@ovirt-hc0 ~]# cat
/etc/ovirt-engine/aaa//activedirectory/.properties
include = 

vars.domain = XX
vars.user = YYY
vars.password = Z

*pool.default.ssl.startTLS = true**
**pool.default.ssl.startTLSProtocol = TLSv1.2*

pool.default.auth.simple.bindDN = ${global:vars.user}
pool.default.auth.simple.password = ${global:vars.password}
pool.default.serverset.type = srvrecord
pool.default.serverset.srvrecord.domain =
${global:vars.domain}



Just remember to trust the certificate authority for the
ldaps certificate in the ovirt engine server.


https://stackoverflow.com/questions/37043442/how-to-add-certificate-authority-file-in-centos-7


On 27/2/20 4:42, Budur Nagaraju wrote:

Hi

Can someone help me in configuring ldaps in oVirt Engine
4.x ?

Thanks,
Nagaraju


___
Users mailing list --users@ovirt.org  
To unsubscribe send an email tousers-le...@ovirt.org  

Privacy Statement:https://www.ovirt.org/site/privacy-policy/
oVirt Code of 
Conduct:https://www.ovirt.org/community/about/community-guidelines/
List 
Archives:https://lists.ovirt.org/archives/list/users@ovirt.org/message/P6QHPSFZLOZ6EZEVFQPBNII37PNIATU3/
-- 
Eduardo Mayoral Jimeno

Systems engineer, platform department. Arsys Internet.
emayo...@arsys.es    - +34 941 620 105 - 
ext 2153

___
Users mailing list --users@ovirt.org  
To unsubscribe send an email tousers-le...@ovirt.org  

Privacy Statement:https://www.ovirt.org/site/privacy-policy/
oVirt Code of 
Conduct:https://www.ovirt.org/community/about/community-guidelines/
List 
Archives:https://lists.ovirt.org/archives/list/users@ovirt.org/message/ADWCGNS353CUN3CIHFBZDUWAXRHL66JB/


-- 
Lucie Leistnerova

Senior Quality Engineer, QE Cloud, RHVM
Red Hat EMEA

IRC: lleistne @ #rhev-qe


--
Lucie Leistnerova
Senior Quality Engineer, QE Cloud, RHVM
Red Hat EMEA

IRC: lleistne @ #rhev-qe

___
Users mailing list -- users@ovirt.org
To unsubscribe send an email to users-le...@ovirt.org
Privacy Statement: https://www.ovirt.org/site/privacy-policy/

[ovirt-users] Re: ldaps-config

2020-02-27 Thread Budur Nagaraju 
can some one help me on the issue ? badly stuck on this have not got any
pointer on fix .

An error occurred while attempting to query DNS in order to retrieve SRV
records with name '_ldaps._tcp.abc.net ':
NameNotFoundException(DNS name not found [response code 3]),
ldapSDKVersion=4.0.7, revision=b28fb50058dfe2864171df2448ad2ad2b4c2ad58


Thanks,
Nagaraju


On Thu, Feb 27, 2020 at 8:48 PM Budur Nagaraju  wrote:

> Hi Lucie,
>
> Can you please help me on this issue? am using ldaps for the configuration.
>
> Thanks,
> Nagaraju
>
>
> On Thu, Feb 27, 2020 at 4:00 PM Budur Nagaraju  wrote:
>
>> Hi Lucie,
>>
>> Have tried the option but when trying to logon from the browser getting
>> the below error.
>> Any tweaks can be made ?
>>
>>
>> An error occurred while attempting to query DNS in order to retrieve SRV
>> records with name '_ldaps._tcp.psecure.net': NameNotFoundException(DNS
>> name not found [response code 3]), ldapSDKVersion=4.0.7,
>> revision=b28fb50058dfe2864171df2448ad2ad2b4c2ad58
>>
>> Thanks,
>> Nagaraju
>>
>>
>>
>> On Thu, Feb 27, 2020 at 3:51 PM Lucie Leistnerova 
>> wrote:
>>
>>> Hi Budur,
>>>
>>> or just use the tool for it - Configuring an External LDAP Provider
>>> https://www.ovirt.org/documentation/admin-guide/chap-Users_and_Roles.html
>>>
>>> Best regards,
>>>
>>> Lucie
>>> On 2/27/20 9:32 AM, Eduardo Mayoral wrote:
>>>
>>> Should be as simple as this:
>>>
>>>
>>> [root@ovirt-hc0 ~]# cat /etc/ovirt-engine/aaa/*activedirectory*
>>> .properties
>>> include = 
>>>
>>> vars.domain = XX
>>> vars.user = YYY
>>> vars.password = Z
>>>
>>> *pool.default.ssl.startTLS = true*
>>> *pool.default.ssl.startTLSProtocol = TLSv1.2*
>>>
>>> pool.default.auth.simple.bindDN = ${global:vars.user}
>>> pool.default.auth.simple.password = ${global:vars.password}
>>> pool.default.serverset.type = srvrecord
>>> pool.default.serverset.srvrecord.domain = ${global:vars.domain}
>>>
>>>
>>>
>>> Just remember to trust the certificate authority for the ldaps
>>> certificate in the ovirt engine server.
>>>
>>>
>>> https://stackoverflow.com/questions/37043442/how-to-add-certificate-authority-file-in-centos-7
>>>
>>>
>>> On 27/2/20 4:42, Budur Nagaraju wrote:
>>>
>>> Hi
>>>
>>> Can someone help me in configuring ldaps in oVirt Engine 4.x ?
>>>
>>> Thanks,
>>> Nagaraju
>>>
>>>
>>> ___
>>> Users mailing list -- users@ovirt.org
>>> To unsubscribe send an email to users-le...@ovirt.org
>>> Privacy Statement: https://www.ovirt.org/site/privacy-policy/
>>> oVirt Code of Conduct: 
>>> https://www.ovirt.org/community/about/community-guidelines/
>>> List Archives: 
>>> https://lists.ovirt.org/archives/list/users@ovirt.org/message/P6QHPSFZLOZ6EZEVFQPBNII37PNIATU3/
>>>
>>> --
>>> Eduardo Mayoral Jimeno
>>> Systems engineer, platform department. Arsys internet.emayo...@arsys.es - 
>>> +34 941 620 105 - ext 2153
>>>
>>>
>>> ___
>>> Users mailing list -- users@ovirt.org
>>> To unsubscribe send an email to users-le...@ovirt.org
>>> Privacy Statement: https://www.ovirt.org/site/privacy-policy/
>>> oVirt Code of Conduct: 
>>> https://www.ovirt.org/community/about/community-guidelines/
>>> List Archives: 
>>> https://lists.ovirt.org/archives/list/users@ovirt.org/message/ADWCGNS353CUN3CIHFBZDUWAXRHL66JB/
>>>
>>> --
>>> Lucie Leistnerova
>>> Senior Quality Engineer, QE Cloud, RHVM
>>> Red Hat EMEA
>>>
>>> IRC: lleistne @ #rhev-qe
>>>
>>>
___
Users mailing list -- users@ovirt.org
To unsubscribe send an email to users-le...@ovirt.org
Privacy Statement: https://www.ovirt.org/site/privacy-policy/
oVirt Code of Conduct: 
https://www.ovirt.org/community/about/community-guidelines/
List Archives: 
https://lists.ovirt.org/archives/list/users@ovirt.org/message/L3YRQC5GHAANGL5LU3ZVKILEQND4XQ6S/

[ovirt-users] Re: ldaps-config

2020-02-27 Thread Lucie Leistnerova 

Hi Budur,

or just use the tool for it - Configuring an External LDAP Provider
https://www.ovirt.org/documentation/admin-guide/chap-Users_and_Roles.html

Best regards,

Lucie

On 2/27/20 9:32 AM, Eduardo Mayoral wrote:


Should be as simple as this:


[root@ovirt-hc0 ~]# cat /etc/ovirt-engine/aaa//activedirectory/.properties
include = 

vars.domain = XX
vars.user = YYY
vars.password = Z

*pool.default.ssl.startTLS = true**
**pool.default.ssl.startTLSProtocol = TLSv1.2*

pool.default.auth.simple.bindDN = ${global:vars.user}
pool.default.auth.simple.password = ${global:vars.password}
pool.default.serverset.type = srvrecord
pool.default.serverset.srvrecord.domain = ${global:vars.domain}



Just remember to trust the certificate authority for the ldaps 
certificate in the ovirt engine server.


https://stackoverflow.com/questions/37043442/how-to-add-certificate-authority-file-in-centos-7


On 27/2/20 4:42, Budur Nagaraju wrote:

Hi

Can someone help me in configuring ldaps in oVirt Engine 4.x ?

Thanks,
Nagaraju


___
Users mailing list --users@ovirt.org
To unsubscribe send an email tousers-le...@ovirt.org
Privacy Statement:https://www.ovirt.org/site/privacy-policy/
oVirt Code of 
Conduct:https://www.ovirt.org/community/about/community-guidelines/
List 
Archives:https://lists.ovirt.org/archives/list/users@ovirt.org/message/P6QHPSFZLOZ6EZEVFQPBNII37PNIATU3/

--
Eduardo Mayoral Jimeno
Systems engineer, platform department. Arsys Internet.
emayo...@arsys.es  - +34 941 620 105 - ext 2153

___
Users mailing list -- users@ovirt.org
To unsubscribe send an email to users-le...@ovirt.org
Privacy Statement: https://www.ovirt.org/site/privacy-policy/
oVirt Code of Conduct: 
https://www.ovirt.org/community/about/community-guidelines/
List Archives: 
https://lists.ovirt.org/archives/list/users@ovirt.org/message/ADWCGNS353CUN3CIHFBZDUWAXRHL66JB/


--
Lucie Leistnerova
Senior Quality Engineer, QE Cloud, RHVM
Red Hat EMEA

IRC: lleistne @ #rhev-qe

___
Users mailing list -- users@ovirt.org
To unsubscribe send an email to users-le...@ovirt.org
Privacy Statement: https://www.ovirt.org/site/privacy-policy/
oVirt Code of Conduct: 
https://www.ovirt.org/community/about/community-guidelines/
List Archives: 
https://lists.ovirt.org/archives/list/users@ovirt.org/message/QJIIQ5PUC3N4Y77YOMQJS4KJQ4YVPUA5/

[ovirt-users] Re: ldaps-config

2020-02-27 Thread Eduardo Mayoral 
Should be as simple as this:


[root@ovirt-hc0 ~]# cat /etc/ovirt-engine/aaa//activedirectory/.properties
include = 

vars.domain = XX
vars.user = YYY
vars.password = Z

*pool.default.ssl.startTLS = true**
**pool.default.ssl.startTLSProtocol = TLSv1.2*

pool.default.auth.simple.bindDN = ${global:vars.user}
pool.default.auth.simple.password = ${global:vars.password}
pool.default.serverset.type = srvrecord
pool.default.serverset.srvrecord.domain = ${global:vars.domain}



Just remember to trust the certificate authority for the ldaps
certificate in the ovirt engine server.

https://stackoverflow.com/questions/37043442/how-to-add-certificate-authority-file-in-centos-7


On 27/2/20 4:42, Budur Nagaraju wrote:
> Hi
>
> Can someone help me in configuring ldaps in oVirt Engine 4.x ?
>
> Thanks,
> Nagaraju
>
>
> ___
> Users mailing list -- users@ovirt.org
> To unsubscribe send an email to users-le...@ovirt.org
> Privacy Statement: https://www.ovirt.org/site/privacy-policy/
> oVirt Code of Conduct: 
> https://www.ovirt.org/community/about/community-guidelines/
> List Archives: 
> https://lists.ovirt.org/archives/list/users@ovirt.org/message/P6QHPSFZLOZ6EZEVFQPBNII37PNIATU3/

-- 
Eduardo Mayoral Jimeno
Systems engineer, platform department. Arsys Internet.
emayo...@arsys.es - +34 941 620 105 - ext 2153

___
Users mailing list -- users@ovirt.org
To unsubscribe send an email to users-le...@ovirt.org
Privacy Statement: https://www.ovirt.org/site/privacy-policy/
oVirt Code of Conduct: 
https://www.ovirt.org/community/about/community-guidelines/
List Archives: 
https://lists.ovirt.org/archives/list/users@ovirt.org/message/ADWCGNS353CUN3CIHFBZDUWAXRHL66JB/