Hi, You need to create authz extension as well (authz-company). The configuration you provided is establishing authentication only (authn) which refer to authz-company but you did not add it.
The terms are: 1. authn - who the user is. 2. authz - what user is permitted. 3. profile - combination of the two. ----------------------------- # vi /etc/ovirt-engine/extensions.d/authz-company.properties ovirt.engine.extension.name = authz-company ovirt.engine.extension.bindings.method = jbossmodule ovirt.engine.extension.binding.jbossmodule.module = org.ovirt.engine-extensions.aaa.ldap ovirt.engine.extension.binding.jbossmodule.class = org.ovirt.engineextensions.aaa.ldap.AuthnExtension ovirt.engine.extension.provides = org.ovirt.engine.api.extensions.aaa.Authz config.profile.file.1 = /etc/ovirt-engine/aaa/rxc05271.properties -------------------------------------------------- Regards, Alon _______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users