On Thu, May 30, 2019 at 2:51 PM <rubennune...@gmail.com> wrote: > 1 - Result of the command: > [root@ovirt ~]# ldapsearch -x -b "ou=People,dc=lab,dc=local" -s sub -h > 192.168.16.114 -p 389 -D "uid=node1,ou=People,dc=lab,dc=local" -W > 'uid=node1' > Enter LDAP Password: > # extended LDIF > # > # LDAPv3 > # base <ou=People,dc=lab,dc=local> with scope subtree > # filter: uid=node1 > # requesting: ALL > # > > # node1, People, lab.local > dn: uid=node1,ou=People,dc=lab,dc=local > objectClass: inetOrgPerson > objectClass: posixAccount > objectClass: shadowAccount > sn: node1 > givenName: node1 > cn: node1 > displayName: node1 > uidNumber: 1000 > gidNumber: 1000 > > Good! So I would clean the directory /etc/ovirt-engine/aaa from the profile1.properties, profile1-authn.properties, profile1-authz.properties files and the same for profile2 and perhaps also inside /etc/ovirt-engine/extensions.d/ there should be some xxx-authn.properties (perhaps xxx= ldap.com, the profile name you chose in previous attempts) remove them too and restart ovirt-engine service or the server itself (eventually putting into global maintenance if Self Hosted Engine setup) Then I would rerun the interactive setup
ovirt-engine-extension-aaa-ldap-setup select 9 - OpenLDAP Standard Schema select to use DNS and policy 1 (single server) that should be resolved as you pointed out and put ldap.lab.local select Insecure select search user uid=node1,ou=People,dc=lab,dc=local enter the password enter the base dn ou=People,dc=lab,dc=local decide if you want sso for vms yes/no specify profile name lab.local HIH
_______________________________________________ Users mailing list -- users@ovirt.org To unsubscribe send an email to users-le...@ovirt.org Privacy Statement: https://www.ovirt.org/site/privacy-policy/ oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/ List Archives: https://lists.ovirt.org/archives/list/users@ovirt.org/message/43S4JM5DM4DOOM4SGOKDZ6DY5HXGIKKC/