> After "Users from this domain can be granted permissions from the Web > administration interface." Maybe we should add "or the domain should > be added/editted with the -addPermissions option". > > What do you think?
I think that, by the time this message is shown, the domain has been added. No point in telling about how the domain _could_ have been added. Something like "Users from this domain can be granted permissions from the Web administration interface, or by passing the -addPermissions flag to engine-manage-domains." Tim Hildred, RHCE Content Author II - Engineering Content Services, Red Hat, Inc. Brisbane, Australia Email: [email protected] Internal: 8588287 Mobile: +61 4 666 25242 IRC: thildred ----- Original Message ----- > From: "Yair Zaslavsky" <[email protected]> > To: "Gianluca Cecchi" <[email protected]> > Cc: "users" <[email protected]> > Sent: Sunday, February 3, 2013 4:13:58 PM > Subject: Re: [Users] 3.2 beta and IPA domain question > > A question about this - > Do you think the message printed to the user (after the domain is > added without -addPermissions) should be extended and have addition > line like > > After "Users from this domain can be granted permissions from the Web > administration interface." Maybe we should add "or the domain should > be added/editted with the -addPermissions option". > > What do you think? > > > ----- Original Message ----- > > From: "Gianluca Cecchi" <[email protected]> > > To: "users" <[email protected]> > > Sent: Saturday, February 2, 2013 1:22:15 AM > > Subject: [Users] 3.2 beta and IPA domain question > > > > Hello, > > I seem to remember in RHEV 3.0 that when you configured an IPA > > domain, > > its admin was automatically configured as an admin for RHEV itself. > > Is it true and in case does remain true for oVirt? > > > > I configured IPA as shipped on CentOS 6.3+updates > > ipa-server-2.2.0-17.el6_3.1.x86_64 > > > > I successfully added it to y oVirt 3.2 beta setup > > > > [root@f18engine ~]# engine-manage-domains -action=add > > -domain=LOCALDOMAIN.LOCAL -user=admin -provider=IPA -interactive > > Enter password: > > > > The domain localdomain.local has been added to the engine as an > > authentication source but no users from that domain have been > > granted > > permissions within the oVirt Manager. > > Users from this domain can be granted permissions from the Web > > administration interface. > > oVirt Engine restart is required in order for the changes to take > > place (service ovirt-engine restart). > > Manage Domains completed successfully > > > > Then > > [root@f18engine ~]# systemctl try-restart ovirt-engine.service > > [root@f18engine ~]# systemctl status ovirt-engine.service > > ovirt-engine.service - oVirt Engine > > Loaded: loaded (/usr/lib/systemd/system/ovirt-engine.service; > > enabled) > > Active: active (running) since Sat 2013-02-02 00:10:29 CET; 10s > > ago > > Process: 32512 ExecStop=/usr/bin/engine-service stop (code=exited, > > status=0/SUCCESS) > > Process: 32520 ExecStart=/usr/bin/engine-service start > > (code=exited, > > status=0/SUCCESS) > > Main PID: 32521 (java) > > CGroup: name=systemd:/system/ovirt-engine.service > > └─32521 engine-service -server -XX:+TieredCompilation -Xms1g > > -Xmx1g > > -XX:PermSize=256m -XX:MaxPe... > > > > Feb 02 00:10:28 f18engine.localdomain.local systemd[1]: Starting > > oVirt Engine... > > Feb 02 00:10:29 f18engine.localdomain.local engine-service[32520]: > > Started engine process 32521. > > Feb 02 00:10:29 f18engine.localdomain.local engine-service[32520]: > > Starting engine-service: [ OK ] > > Feb 02 00:10:29 f18engine.localdomain.local systemd[1]: Started > > oVirt > > Engine. > > > > > > Now from web admin portal I can choose the "localdomain.local" > > domain > > in drop down menu. > > But when I try to enter the webadmin portal I get: > > > > User is not authorized to perform this action. > > > > > > Do I need to grant IPA admin user from internal admin before, or > > should it just work? > > > > Gianluca > > _______________________________________________ > > Users mailing list > > [email protected] > > http://lists.ovirt.org/mailman/listinfo/users > > > _______________________________________________ > Users mailing list > [email protected] > http://lists.ovirt.org/mailman/listinfo/users > _______________________________________________ Users mailing list [email protected] http://lists.ovirt.org/mailman/listinfo/users
