Thank you as well I have noticed from the logs that if the manager interface isn't used in a while it has to reinitialize or renew the ticket in the cache. This process can cause a noticeable delay in logins and using a keytab. This is a part of (but not the whole) reason keytabs exist in kerberos.
-- Sent from my HP Pre3
On Sep 10, 2014 7:11 PM, William Law <[email protected]> wrote:
OK, thanks. Is there a way to perform it without manage-domains currently or in 3.5?
Regards,
Will
On Sep 10, 2014, at 4:07 PM, Yair Zaslavsky <[email protected]> wrote:
>
>
> ----- Original Message -----
>> From: "William Law" <[email protected]>
>> To: "users" <[email protected]>
>> Sent: Thursday, September 11, 2014 1:53:04 AM
>> Subject: [ovirt-users] adding machine to openldap + kerberos with a keytab
>>
>> Hi,
>>
>> When I try to use engine-manage-domains it seems to expect an account to sign
>> in with. Is there any way to use a key tab? It seems like it does all this
>> under the surface eventually; I'd just like to do it up front.
>>
>> Even a pointer to "manual" adding instructions would be very helpful.
>>
>> Thanks,
>>
>> Will
>
> Hi Will,
> No way to perform this with manage domains at the moment.
>
> Not sure if we will invest in this, as in oVirt 3.5 we introduce a pluggable architecture for AAA, based on extensions + configuration files
> managed-domains should be used to support existing setups that will undergo upgrade to 3.5 (or of course, will remain in their current versions).
>
>> _______________________________________________
>> Users mailing list
>> [email protected]
>> http://lists.ovirt.org/mailman/listinfo/users
>>
_______________________________________________
Users mailing list
[email protected]
http://lists.ovirt.org/mailman/listinfo/users
_______________________________________________ Users mailing list [email protected] http://lists.ovirt.org/mailman/listinfo/users
