----- Original Message ----- > From: "Fumihide Tani" <[email protected]> > To: "Alon Bar-Lev" <[email protected]> > Cc: [email protected] > Sent: Sunday, September 21, 2014 11:11:11 AM > Subject: Re: [ovirt-users] Can not configure with simple LDAP. > > Hi, Alon > > Very thanks for your help. > My problem was solved and the AAA is working now. > I could add LDAP user. :)
Great. Can you please send me a patch or modified README to make it better? Alon > > Fumihide Tani > > (2014/09/21 16:19), Alon Bar-Lev wrote: > > > > ----- Original Message ----- > >> From: "Alon Bar-Lev" <[email protected]> > >> To: "Fumihide Tani" <[email protected]> > >> Cc: [email protected] > >> Sent: Sunday, September 21, 2014 10:19:11 AM > >> Subject: Re: [ovirt-users] Can not configure with simple LDAP. > >> > >> Hi, > >> > >> You need to create authz extension as well (authz-company). > >> The configuration you provided is establishing authentication only (authn) > >> which refer to authz-company but you did not add it. > >> > >> The terms are: > >> 1. authn - who the user is. > >> 2. authz - what user is permitted. > >> 3. profile - combination of the two. > >> > >> ----------------------------- > >> # vi /etc/ovirt-engine/extensions.d/authz-company.properties > >> ovirt.engine.extension.name = authz-company > >> ovirt.engine.extension.bindings.method = jbossmodule > >> ovirt.engine.extension.binding.jbossmodule.module = > >> org.ovirt.engine-extensions.aaa.ldap > >> ovirt.engine.extension.binding.jbossmodule.class = > >> org.ovirt.engineextensions.aaa.ldap.AuthnExtension > > Sorry: > > org.ovirt.engineextensions.aaa.ldap.AuthzExtension > >> ovirt.engine.extension.provides = > >> org.ovirt.engine.api.extensions.aaa.Authz > >> config.profile.file.1 = /etc/ovirt-engine/aaa/rxc05271.properties > >> -------------------------------------------------- > >> > >> Regards, > >> Alon > > > > > _______________________________________________ Users mailing list [email protected] http://lists.ovirt.org/mailman/listinfo/users
