Bug 1472957
Summary: | [Docs][Admin] Update documentation to direct users to example files for AD configuration | ||
---|---|---|---|
Product: | Red Hat Enterprise Virtualization Manager | Reporter: | Anitha Udgiri <audgiri> |
Component: | Documentation | Assignee: | Tahlia Richardson <trichard> |
Status: | CLOSED CURRENTRELEASE | QA Contact: | Byron Gravenorst <bgraveno> |
Severity: | high | Docs Contact: | |
Priority: | medium | ||
Version: | 4.2.3 | CC: | audgiri, lbopf, lsurette, mkalinin, omachace, rbalakri, Rhev-m-bugs, srevivo |
Target Milestone: | ovirt-4.2.5 | Keywords: | Triaged |
Target Release: | --- | Flags: | lsvaty:
testing_plan_complete-
|
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | docs-accepted | ||
Fixed In Version: | Doc Type: | If docs needed, set a value | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2018-07-12 01:14:48 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | Docs | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Anitha Udgiri
2017-07-19 16:38:27 UTC
Anitha, this is strange because we have not supported using domain local groups in multi-domain forrest at all before BZ1336707, and BZ1336707 was fixed in aaa-ldap contained in RHV 4.1.0. So: 1. If customers used domain local groups in managed-domains and they've only moved to aaa-ldap with no AD changes (especially manage-domains didn't support forrest only single domain, so they have configured aaa-ldap only to correct single domain servers), they should not face the issue 2. Customers used only single domain setup and after upgrade to 4.1 now they have changed their AD to multi-domain forrest. If so then they faced that issue. Anyway it needs to mentioned that using domain local groups for group membership inside multi-domains forrest in not recommended by Microsoft. Ondro, could you please provide correct steps to alter configuration and also please update DocText also in BZ1336707. Ondra, can you please provide the steps as requested by Martin in comment 2? The difference is described in profile itself here: https://github.com/oVirt/ovirt-engine-extension-aaa-ldap/blob/master/profiles/ad.properties#L22 If you need any more information, please let me know. Anitha, can you take a look at the link Ondra provided in comment 4, and let us know whether that information resolves your questions. If not, what else is required? (In reply to Lucy Bopf from comment #5) > Anitha, can you take a look at the link Ondra provided in comment 4, and let > us know whether that information resolves your questions. If not, what else > is required? Lucy, Apologies for the delay in responding here. The information in the link is what exactly customers need to know. I doubt if customers ever open this file to peek inside to read this information. The best thing would be to either direct customers to read this info or get this info into the published documentation. Thanks, Anitha! That's very helpful. I discussed this with Derek, and we agreed that pointing users to the file would be the most achievable solution, and would mean the file can be updated without requiring a change in the documentation. Updating the summary to reflect the new action. Apologies for the delay. I realized that the BZ was not on the 'Documentation' component, so I have now moved it. Accepting into the 4.2.5 program, and assigning to Tahlia for review. Reviewed and merged. |