On 04/15/2015 12:08 PM, Николаев Алексей wrote:
> Hi community!
>
> The Red_Hat_Enterprise_Virtualization-3.5-Administration_Guide says
> how to add users from external directory.
> But now i want to disable admin@internal
> <mailto:admin@internal> account for security reasons and use it only
> for disaster recovery situations (or then ldaps servers not
> available). Can i do it?
>
> What are best practises for use only external directory?
> If i delete admin@internal <mailto:admin@internal> account can i add
> it again?
>
>
> _______________________________________________
> Users mailing list
> Users@ovirt.org
> http://lists.ovirt.org/mailman/listinfo/users
Should be possible last time I asked, see response below:
Subject: Re: [ovirt-users] oVirt 3.5 and FreeIpa
Date: Thu, 22 Jan 2015 06:59:52 -0500 (EST)
From: Alon Bar-Lev <alo...@redhat.com>
To: Jorick Astrego <j.astr...@netbulae.eu>
CC: users@ovirt.org
<snip>
Also can we get rid of the internal admin or better just disable
internal authenticationt without problems? As we have ipa we don't want
local login enabled, but in emergency situations we might need to turn
it on quickly.
Yes, you can disable the internal by creating
/etc/ovirt-engine/engine.conf.d/50-disable-internal.conf
---
ENGINE_EXTENSION_ENABLED_builtin-authn-internal = false
---
Hmmm.... we have a bug in this case... will fix, so let's just disable the
authz for now.
---
ENGINE_EXTENSION_ENABLED_internal = false
Met vriendelijke groet, With kind regards,
Jorick Astrego
Netbulae Virtualization Experts
----------------
Tel: 053 20 30 270 i...@netbulae.eu Staalsteden 4-3A
KvK 08198180
Fax: 053 20 30 271 www.netbulae.eu 7547 TA Enschede
BTW NL821234584B01
----------------
_______________________________________________
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users
