On 02/23/2012 09:20 AM, Itamar Heim wrote: > On 02/22/2012 11:02 PM, Nathan Stratton wrote: >> >> On Wed, 22 Feb 2012, Oved Ourfalli wrote: >> >>> Hey, >>> >>> This error usually happens where there is no krb5.conf file, or there >>> is one, but your domain isn't in that. >>> The krb5.conf file should be located in >>> $JBOSS_HOME/standalone/configuration directory. >> >> Ya, I gave up on the 389/Kerberos, looking at FreeIPA now. >> >> BTW, why can't we just use LDAP??? > > well, this goes to history, as ovirt was ported from a C# solution > focused that evolved to server virtualization from VDI (virtual desktops). > virtual desktops were mostly windows. > so integration with AD was a must, and was based on kerberos (in C#) > java port first supported backward compatibility. > nothing prevents adding LDAP support, but it probably requires > supporting multiple LDAP redundant servers and SSL. > > btw, the code for basic LDAP (WITHOUT SECURITY) may still work, if you > change the authentication type to "SIMPLE". > but it is never discussed as a deployment option, as it is not secure.
But what about schema differentiation? > _______________________________________________ > Users mailing list > [email protected] > http://lists.ovirt.org/mailman/listinfo/users _______________________________________________ Users mailing list [email protected] http://lists.ovirt.org/mailman/listinfo/users
