[
https://issues.apache.org/jira/browse/VCL-867?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16093745#comment-16093745
]
ASF subversion and git services commented on VCL-867:
-----------------------------------------------------
Commit 1802429 from [~jfthomps] in branch 'vcl/trunk'
[ https://svn.apache.org/r1802429 ]
VCL-277 - Add support for images to join Active Directory domains
VCL-867 - Active Directory Authentication for Windows VM's
fixed problem of having access to manage an image that has an AD Domain set
without having access to the AD Domain
addomain.php: modified submitToggleDeleteResourceExtra: clear
addomainAdmin/manageGroup when deleting an AD Domain
image.php:
-modified addEditDialogHTML: removed some logic of what fields are
enabled/disabled - a user may not have access to any AD Domains, but have
access to an image with an AD Domain set; in this case, the user needs to have
access to unset the AD Domain
-modified AJeditResource: added section pass along additional AD Domain
information, including if the user has access to the AD Domain set for the image
-modified validateResourceData: added extra logic for checking AD Domain items
image.js:
-modified inlineEditResourceCB: added logic on what should be enabled for
editing based on user's access to AD Domain items
-modified saveResourceCB: added code to remove an AD Domain option that may
have been added for a specific image when the user didn't directly have access
to that AD Domain
-modified toggleADauth: added call to selectADauth
-added selectADauth
> Active Directory Authentication for Windows VM's
> ------------------------------------------------
>
> Key: VCL-867
> URL: https://issues.apache.org/jira/browse/VCL-867
> Project: VCL
> Issue Type: New Feature
> Components: database, vcld (backend), web gui (frontend)
> Reporter: Junaid Ali
> Assignee: Andy Kurth
> Labels: features
> Fix For: 2.5
>
> Attachments: managementnode.patch, vmadsauth.sql, web.patch
>
>
> The current VCL application creates local user accounts for each reservation.
> There is a need to provide active directory authentication so as to provide
> access to domain resources like profile and network shares during the VCL
> reservation.
> This patch updates the VCL database by creating two additional tables:
> activedirectorydomain -> used to store active directory related information
> imageactivedirectorydomain -> used to store mapping of which images use which
> active directory domain.
> A new column is added to the reservation table to hold current active
> directory information for that particular reservation.
> The patch updates the VCL backed (vcld) to add functionality to make the
> windows images part of the active directory domain. It also sets the
> computer's hostname to be the same as defined in the database. This is done
> to prevent creation of a lot of temporary computer objects within Active
> Directory. The process of domain join add's two reboots (one for hostname
> update and one for domain join). After each reboot the cygwin_rebase scripts
> are run to reconfigure SSHD.
> The patch also updates the VCL frontend to allow management of Active
> directory domains within the system and also manage the association of VCL
> images and active directory domains. There is an option to enable moving
> computer objects to specific Active directory Organization Unit's for better
> grouping and ability to apply custom policies to custom group of images on
> the Active directory side. This option was working in Cygwin 1.5 but stopped
> working in Cygwin 1.7 due to some path issues. I left this option in the
> front-end while I look for resolution within Cygwin 1.7.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
