Hello, many thanks to Alon! We have a working setup with support for base dn. The special challenge in our setup is the constraint of specifying a base dn for every ldap search and referrals inside the branches that must be processed.
If anyone has the same problem, our working configuration with a slightly newer version of ovirt-engine-extension-aaa-ldap is: $ cat /etc/ovirt-engine/aaa/company-ldap.properties include = <rfc2307-openldap.properties> vars.server = ldap.company.de vars.user = cn=system,dc=company,dc=de vars.password = password pool.default.serverset.single.server = ${global:vars.server} pool.default.auth.simple.bindDN = ${global:vars.user} pool.default.auth.simple.password = ${global:vars.password} sequence-init.init.100-my-basedn-init-vars = my-basedn-init-vars sequence.my-basedn-init-vars.010.description = set baseDN sequence.my-basedn-init-vars.010.type = var-set sequence.my-basedn-init-vars.010.var-set.variable = simple_baseDN sequence.my-basedn-init-vars.010.var-set.value = dc=company,dc=de search.default.search-request.derefPolicy = ALWAYS Best regards Jannick _______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users