----- Original Message -----
> From: "Ryan Wilkinson" <ryanw...@gmail.com>
> To: users@ovirt.org
> Sent: Thursday, March 28, 2013 2:42:56 PM
> Subject: [Users] ldap
>
> I'm able to set up Active Directory authentication if my ovirt engine
> is set to use dns that is hosted on the same system as Active
> Directory. However, if I use static host entries in my engine
> "hosts" file instead of using dns I'm getting the error "ldap server
> for domain not found" when I issue the command:
> "engine-manage-domains -action=add -domain='ovirt.local'
> -user='admin' -provider=ActiveDirectory -interactive" from the
> engine. I've googled to death how to configure static entries on my
> engine system for the ldap server and it seems that I need to
> configure my nsswitch and ldap.conf files but still no luck... Any
> ideas??

Hi Ryan,
To work with LDAP you currently need to have both LDAP and Kerberos SRV records in the DNS, as well as a PTR record.
If you would like to work locally I can suggest working with dnsmasq (lightweight DHCP and caching DNS server) locally, defining these entries there, and setting /etc/resolv.conf properly, so that it would access it.

The configuration is in /etc/dnsmasq.conf (or in /etc/dnsmasq.d/...).
Example for LDAP and Kerberos records:

srv-host=_ldap._tcp.my_domain.com,ad.my_domain.com,389
srv-host=_kerberos._tcp.my_domain.com,ad.my_domain.com,88

and, afaik it also takes /etc/hosts and creates PTR records for the entries there, so that should be enough, if you add your AD host in /etc/hosts (I guess you can also add those manually in dnsmasq).

Let me know if you need further assistance.

Oved

> _______________________________________________
> Users mailing list
> Users@ovirt.org
> http://lists.ovirt.org/mailman/listinfo/users
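
An offline check for the setup described in the reply above, added here as an example (it is not part of the original message or of oVirt's tooling): it parses dnsmasq `srv-host=` lines and hosts-file text and reports which LDAP/Kerberos SRV record, or which hosts entry for the SRV target, is missing. The function names, the sample input and the 192.0.2.10 address are constructed for illustration.

```python
# Services and ports taken from the srv-host lines in the reply.
REQUIRED = {"_ldap._tcp": 389, "_kerberos._tcp": 88}

# Constructed sample input; 192.0.2.10 is a documentation-range address.
SAMPLE_DNSMASQ = """\
srv-host=_ldap._tcp.my_domain.com,ad.my_domain.com,389
srv-host=_kerberos._tcp.my_domain.com,ad.my_domain.com,88
"""
SAMPLE_HOSTS = "127.0.0.1 localhost\n192.0.2.10 ad.my_domain.com ad\n"

def parse_srv_hosts(text):
    """Map SRV name -> (target, port) from dnsmasq srv-host= lines."""
    records = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if not line.startswith("srv-host="):
            continue
        fields = [f.strip().lower() for f in line[len("srv-host="):].split(",")]
        target = fields[1].rstrip(".") if len(fields) > 1 and fields[1] else None
        port = int(fields[2]) if len(fields) > 2 and fields[2].isdigit() else None
        records[fields[0]] = (target, port)
    return records

def parse_hosts(text):
    """Map hostname -> IP from /etc/hosts-style text (first entry wins)."""
    names = {}
    for line in text.splitlines():
        parts = line.split("#", 1)[0].split()
        for name in parts[1:]:
            names.setdefault(name.lower(), parts[0])
    return names

def check(domain, dnsmasq_text, hosts_text):
    """Return a list of problems; an empty list means every record is defined."""
    srv, hosts, problems = parse_srv_hosts(dnsmasq_text), parse_hosts(hosts_text), []
    for service, port in REQUIRED.items():
        name = f"{service}.{domain}".lower()
        if name not in srv:
            problems.append(f"missing SRV record {name}")
            continue
        target, got_port = srv[name]
        if got_port != port:
            problems.append(f"{name}: port {got_port}, expected {port}")
        if target not in hosts:
            problems.append(f"{name}: target {target} has no hosts entry for A/PTR")
    return problems

if __name__ == "__main__":
    print(check("my_domain.com", SAMPLE_DNSMASQ, SAMPLE_HOSTS) or "all records defined")
```

The check only reads the configuration text; it does not query the running dnsmasq or confirm that /etc/resolv.conf points at it.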