I tried to plug ovirt using my company AD.
But I have a problem, the DNS srv records are not well managed and I can't use
them so I changed pool.default.serverset.type from srvrecord to failover.
But it was not enough, it was still using those invalid records. It was used by
pool.default.dc-resolve.default.serverset.type too. I found that after digging
in the source. I wonder why it should be specified twice. Why
pool.default.dc-resolve.default.serverset and pool.default.serverset are
different ?
I also need to specify search.ad-resolve-upn.search-request.baseDN because it
didn't found it any more. I wonder if it's related.
My aaa property file:
include = <ad.properties>
vars.domain = MYDOME
vars.user = A_DN
vars.password = the_password
vars.forest = my_forest
pool.default.auth.simple.bindDN = ${global:vars.user}
pool.default.auth.simple.password = ${global:vars.password}
pool.default.serverset.type = failover
pool.default.serverset.failover.1.server = server1
pool.default.serverset.failover.2.server = server2
pool.default.ssl.startTLS = true
pool.default.ssl.truststore.file = trust.jks
pool.default.ssl.truststore.password =
pool.default.ssl.startTLSProtocol = TLSv1.2
pool.default.connection-options.connectTimeoutMillis = 500
pool.default.dc-resolve.enable = true
pool.default.dc-resolve.default.serverset.type = failover
pool.default.dc-resolve.serverset.failover.1.server = server1
pool.default.dc-resolve.serverset.failover.2.server = server2
search.ad-resolve-upn.search-request.baseDN = BASE_DN
_______________________________________________
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users
