Hello Alon and everybody, I have installed package ovirt-engine-extension-aaa-ldap and configure my files as the documentation says. The files are:
/etc/ovirt-engine/extensions.d/siee.local-authn.properties: ovirt.engine.extension.name = siee.local-authn ovirt.engine.extension.bindings.method = jbossmodule ovirt.engine.extension.binding.jbossmodule.module = org.ovirt.engine-extensions.aaa.ldap ovirt.engine.extension.binding.jbossmodule.class = org.ovirt.engineextensions.aaa.ldap.AuthnExtension ovirt.engine.extension.provides = org.ovirt.engine.api.extensions.aaa.Authn ovirt.engine.aaa.authn.profile.name = siee.local ovirt.engine.aaa.authn.authz.plugin = siee.local-authz config.profile.file.1 = aaa/siee.local.properties /etc/ovirt-engine/extensions.d/siee.local-authz.properties: ovirt.engine.extension.name = siee.local-authz ovirt.engine.extension.bindings.method = jbossmodule ovirt.engine.extension.binding.jbossmodule.module = org.ovirt.engine-extensions.aaa.ldap ovirt.engine.extension.binding.jbossmodule.class = org.ovirt.engineextensions.aaa.ldap.AuthzExtension ovirt.engine.extension.provides = org.ovirt.engine.api.extensions.aaa.Authz config.profile.file.1 = aaa/siee.local.properties /etc/ovirt-engine/extensions.d/aaa/siee.local.properties: include = <ad.properties> # # Active directory domain name. # vars.domain = siee.local # # Search user and its password. # vars.user = juanjo@${global:vars.domain} vars.password = xxxxxxxx # # Optional DNS servers, if enterprise # DNS server cannot resolve the domain srvrecord. # #vars.dns = dns://dc1.${global:vars.domain} dns://dc2.${global:vars.domain} pool.default.serverset.type = srvrecord pool.default.serverset.srvrecord.domain = ${global:vars.domain} pool.default.auth.simple.bindDN = ${global:vars.user} pool.default.auth.simple.password = ${global:vars.password} # Uncomment if using custom DNS #pool.default.serverset.srvrecord.jndi-properties.java.naming.provider.url = ${global:vars.dns} #pool.default.socketfactory.resolver.uRL = ${global:vars.dns} # Create keystore, import certificate chain and uncomment # if using ssl/tls. #pool.default.ssl.startTLS = true #pool.default.ssl.truststore.file = ${local:_basedir}/${global:vars.domain}.jks #pool.default.ssl.truststore.password = changeit And after this configuration I restart ovirt-engine service. When I try to login in administrator portal I can see the error "The user name or password is incorrect.". In /var/log/ovirt-engine/engine.log I have the errors: 2014-12-02 14:02:21,983 ERROR [org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector] (ajp--127.0.0.1-8702-8) Correlation ID: null, Call Stack: null, Custom Event ID: -1, Message: User juanjo cannot login, please verify the username and password. 2014-12-02 14:02:21,991 ERROR [org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector] (ajp--127.0.0.1-8702-8) Correlation ID: null, Call Stack: null, Custom Event ID: -1, Message: User juanjo failed to log in. I'm using correct user and password becuase I can login in a Windows client machine which is inside siee.local domain with this user and its correct password. What do you think it could be the problem? If you need more information or I have to configure any other parameters, please tell me. Many thanks in advanced, Juanjo. On Wed, Nov 26, 2014 at 3:19 PM, Alon Bar-Lev <alo...@redhat.com> wrote: > > > ----- Original Message ----- > > From: "Juan Jose" <jj197...@gmail.com> > > To: "Alon Bar-Lev" <alo...@redhat.com> > > Cc: "Ondra Machacek" <omach...@redhat.com>, "Yair Zaslavsky" < > yzasl...@redhat.com>, users@ovirt.org > > Sent: Wednesday, November 26, 2014 3:04:14 PM > > Subject: Re: [ovirt-users] Adding domain to oVirt to 3.5 issue > > > > Hello Alon and everybody, > > > > Check in my ovirt-engine machine for ovirt-engine-aaa-ldap package and it > > is not available: > > > > yum list "ovirt-engine*" > > Loaded plugins: fastestmirror, refresh-packagekit, security, versionlock > > Loading mirror speeds from cached hostfile > > * base: ftp.udl.es > > * epel: mirror.uv.es > > * extras: ftp.udl.es > > * ovirt-3.5: ftp.nluug.nl > > * ovirt-3.5-epel: mirror.uv.es > > * ovirt-3.5-jpackage-6.0-generic: mirror.ibcp.fr > > * ovirt-epel: mirror.uv.es > > * ovirt-jpackage-6.0-generic: mirror.ibcp.fr > > * updates: ftp.udl.es > > Installed Packages > > ovirt-engine.noarch > > 3.5.0.1-1.el6 @ovirt-3.5 > > ovirt-engine-backend.noarch > > 3.5.0.1-1.el6 @ovirt-3.5 > > ovirt-engine-cli.noarch > > 3.3.0.6-1.el6 @ovirt-3.3.3 > > ovirt-engine-dbscripts.noarch > > 3.5.0.1-1.el6 @ovirt-3.5 > > ovirt-engine-extensions-api-impl.noarch > > 3.5.0.1-1.el6 @ovirt-3.5 > > ovirt-engine-jboss-as.x86_64 > > 7.1.1-1.el6 @ovirt-3.5 > > ovirt-engine-lib.noarch > > 3.5.0.1-1.el6 @ovirt-3.5 > > ovirt-engine-restapi.noarch > > 3.5.0.1-1.el6 @ovirt-3.5 > > ovirt-engine-sdk-python.noarch > > 3.5.0.8-1.el6 @ovirt-3.5 > > ovirt-engine-setup.noarch > > 3.5.0.1-1.el6 @ovirt-3.5 > > ovirt-engine-setup-base.noarch > > 3.5.0.1-1.el6 @ovirt-3.5 > > ovirt-engine-setup-plugin-ovirt-engine.noarch > > 3.5.0.1-1.el6 @ovirt-3.5 > > ovirt-engine-setup-plugin-ovirt-engine-common.noarch > > 3.5.0.1-1.el6 @ovirt-3.5 > > ovirt-engine-setup-plugin-websocket-proxy.noarch > > 3.5.0.1-1.el6 @ovirt-3.5 > > ovirt-engine-tools.noarch > > 3.5.0.1-1.el6 @ovirt-3.5 > > ovirt-engine-userportal.noarch > > 3.5.0.1-1.el6 @ovirt-3.5 > > ovirt-engine-webadmin-portal.noarch > > 3.5.0.1-1.el6 @ovirt-3.5 > > ovirt-engine-websocket-proxy.noarch > > 3.5.0.1-1.el6 @ovirt-3.5 > > Available Packages > > ovirt-engine-cli.noarch > > 3.5.0.5-1.el6 ovirt-3.5 > > ovirt-engine-dwh.noarch > > 3.5.0-1.el6 ovirt-3.5 > > ovirt-engine-dwh-setup.noarch > > 3.5.0-1.el6 ovirt-3.5 > > ovirt-engine-extensions-api-impl-javadoc.noarch > > 3.5.0.1-1.el6 ovirt-3.5 > > ovirt-engine-reports.noarch > > 3.5.1-0.1.el6 ovirt-3.5 > > ovirt-engine-reports-setup.noarch > > 3.5.1-0.1.el6 ovirt-3.5 > > ovirt-engine-sdk-java.noarch > > 3.5.0.5-1.el6 ovirt-3.5 > > ovirt-engine-sdk-java-javadoc.noarch > > 3.5.0.5-1.el6 ovirt-3.5 > > ovirt-engine-setup-plugin-allinone.noarch > > > > How can I get this package? > > > Thanks for trying! > > Package is available at ovirt-3.5-snapshot[1]. > > [1] http://resources.ovirt.org/pub/ovirt-3.5-snapshot/ >
_______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users