Check out my write-up on AAA, I tried my best to break it down, and make it simple
https://cloudspin.me/ovirt-simple-ldap-aaa/ -----Original Message----- From: users-boun...@ovirt.org [mailto:users-boun...@ovirt.org] On Behalf Of Alon Bar-Lev Sent: Tuesday, December 16, 2014 1:49 AM To: Fedele Stabile Cc: users@ovirt.org Subject: Re: [ovirt-users] Creating new users on oVirt 3.5 ----- Original Message ----- > From: "Fedele Stabile" <fedele.stab...@fis.unical.it> > To: users@ovirt.org > Sent: Monday, December 15, 2014 8:05:28 PM > Subject: [ovirt-users] Creating new users on oVirt 3.5 > > Hello, > I have to create some users on my oVirt 3.5 infrastructure. > On FridayI was following istructions on > http://www.ovirt.org/LDAP_Quick_Start > LDAP Quick Start > so I correctly created a OpenLDAP server and a Kerberos service, but > this morning I read that the instructions are obsolete... > Now I'm trying to understand how to implement the new mechanism... but > I'm in troubles: > 1) run yum install ovirt-engine-extension-aaa-ldap > 2) copied files in /etc/ovirt-engine/extensions.d and modified the > name in fis.unical.it-auth(n/z).properties > 3) copied files in /etc/ovirt-engine/aaa but now I can't do anything > > Can you help me with newbye instructions to install the aaa-extensions? > Thank you very much > Fedele Stabile Hello, Have you read[1]? We of course need help in improving documentation :) Can you please send engine.log when starting up engine so I can see if there are any issues? Please make sure that at /etc/ovirt-engine/extensions.d you set the config.profile.file.1 to absolute file, /etc/ovirt-enigne/aaa/ as we wait for 3.5.1 to support relative names. The simplest sequence is: 1. copy recursive /usr/share/ovirt-engine-extension-aaa-ldap/examples/simple to /etc/ovirt-engine 2. edit /etc/ovirt-engine/extension.d/* replace ../aaa to /etc/ovirt-engine/aaa this is pending 3.5.1. 3. edit /etc/ovirt-engine/aaa/ldap1.properties and set vars.server, vars.user, vars.password to meet your setup. 4. restart engine. 5. send me engine.log Regards, Alon [1] http://gerrit.ovirt.org/gitweb?p=ovirt-engine-extension-aaa-ldap.git;a=blob; f=README;hb=HEAD _______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users _______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users