Bug 1425122
Summary: | [Sysprep] authz name is not set as domain in new VM dialog | ||||||
---|---|---|---|---|---|---|---|
Product: | [oVirt] ovirt-engine | Reporter: | Israel Pinto <ipinto> | ||||
Component: | BLL.Virt | Assignee: | Sharon Gratch <sgratch> | ||||
Status: | CLOSED CURRENTRELEASE | QA Contact: | Israel Pinto <ipinto> | ||||
Severity: | medium | Docs Contact: | |||||
Priority: | unspecified | ||||||
Version: | 4.1.1 | CC: | bugs, ipinto, lveyde, mperina, omachace, tjelinek | ||||
Target Milestone: | ovirt-4.1.2 | Flags: | tjelinek:
ovirt-4.1?
ipinto: planning_ack? rule-engine: devel_ack+ rule-engine: testing_ack+ |
||||
Target Release: | 4.1.2 | ||||||
Hardware: | Unspecified | ||||||
OS: | Unspecified | ||||||
Whiteboard: | |||||||
Fixed In Version: | Doc Type: | If docs needed, set a value | |||||
Doc Text: | Story Points: | --- | |||||
Clone Of: | Environment: | ||||||
Last Closed: | 2017-05-23 08:15:04 UTC | Type: | Bug | ||||
Regression: | --- | Mount Type: | --- | ||||
Documentation: | --- | CRM: | |||||
Verified Versions: | Category: | --- | |||||
oVirt Team: | Virt | RHEL 7.3 requirements from Atomic Host: | |||||
Cloudforms Team: | --- | Target Upstream Version: | |||||
Embargoed: | |||||||
Bug Depends On: | |||||||
Bug Blocks: | 1380128 | ||||||
Attachments: |
|
Description
Israel Pinto
2017-02-20 15:46:31 UTC
Profile name should no longer be relevant for cloudinit/sysprep due to BZ1380128. Please share your aaa-ldap configuration, especially authz name (as mentioned in BZ1380128 authz name should be set to domain name) (In reply to Martin Perina from comment #1) > Profile name should no longer be relevant for cloudinit/sysprep due to > BZ1380128. Please share your aaa-ldap configuration, especially authz name > (as mentioned in BZ1380128 authz name should be set to domain name) The steps are from the BZ1380128, Now the domain is empty in New VM, after changing the OS (from window 2012 r2 64B to Windows 7) it update to:ad-w2k12r2-authz See aaa-ldap configuration: [environment:default] OVAAALDAP_LDAP/profile=str:ad OVAAALDAP_LDAP/aaaProfileName=str:'ad-w2k12r2' OVAAALDAP_LDAP/useDNS=bool:True OVAAALDAP_LDAP/serverset=str:srvrecord OVAAALDAP_LDAP/aaaProfileName=str:ad-w2k12r2 OVAAALDAP_LDAP/protocol=str:plain OVAAALDAP_LDAP/domain=str:ad-w2k12r2.rhev.lab.eng.brq.redhat.com OVAAALDAP_LDAP/user=str:user1.lab.eng.brq.redhat.com OVAAALDAP_LDAP/password=str:Heslo123 OVAAALDAP_LDAP/toolEnable=bool:False OVAAALDAP_LDAP/configOverwrite=bool:True OVAAALDAP_LDAP/useVmSso=bool:False Created attachment 1255848 [details]
screenshot
(keeping together with the original RFE) Just a note that to properly test VM SSO the authz name *MUST* be same as the domain name of the user which should be logged in to VM. So in this case the authz name must be: ad-w2k12r2.rhev.lab.eng.brq.redhat.com (In reply to Ondra Machacek from comment #5) > Just a note that to properly test VM SSO the authz name *MUST* be same as > the domain name of the user which should be logged in to VM. The same applies also for for sysprep/cloudinit as mentioned in BZ1380128. > So in this case the authz name must be: > > ad-w2k12r2.rhev.lab.eng.brq.redhat.com Please make sure to allow VM SSO in ovirt-engine-extension-aaa-ldap-setup tool, so correct configuration files are created. Moving back to Virt, according to Tomas, the issue is New VM flow where domain is not properly updated, but everything should work properly when you execute sysprep/cloudinit using Edit VM dialog. The same problem of domain field not properly updated re-occurred also in Run-Once dialog ("Initial Run" section). Verify with: RHVM Version: 4.1.2-0.1.el7 Steps: 1. Run ovirt-engine-extension-aaa-ldap-setup for configuring AD. 2. [Edit VM] Create VM with 'other os' and update OS version to window_XX (desktop/server) Enable sysprep and check that domain is update with 'aaaProfileName' 3. [New VM] Create VM with OS version window_XX (desktop/server) Enable sysprep and check that domain is update with 'aaaProfileName' Results: All cases pass |