Bug 1507715

Summary: [Docs][RFE][Admin] Review 'Attaching an Active Directory' for changes in 4.2
Product: Red Hat Enterprise Virtualization Manager Reporter: Byron Gravenorst <bgraveno>
Component: DocumentationAssignee: Billy Burmester <bburmest>
Status: CLOSED CURRENTRELEASE QA Contact: Tahlia Richardson <trichard>
Severity: high Docs Contact:
Priority: urgent    
Version: 4.2.0CC: lbopf, lsurette, rbalakri, srevivo, ykaul
Target Milestone: ovirt-4.2.2Keywords: FutureFeature, Triaged
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard: docs-accepted
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2018-03-20 01:44:16 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: Docs RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1462294    
Bug Blocks:    

Description Byron Gravenorst 2017-10-31 01:43:08 UTC 
Using the virt-engine-extension-aaa-ldap-setup tool it's possible to configure an Active Directory forest with multi-domain trust, or an Active Directory forest with a single domain. However it is currently not possible to configure using a single domain from a multi-domain Active Directory forest because this is advanced configuration which is difficult to perform automatically.

This update provides common advanced Active Directory configuration examples that users can copy and adapt to their local environment. Those examples are bundled within the ovirt-engine-extension-aaa-ldap package, and can be found at /usr/share/ovirt-engine-extension-aaa-ldap/examples/README.md.

The ovirt-engine-extension-aaa-ldap-setup tool user experience has also been improved with the following changes:

- Add more detailed error reporting for various Active Directory forest configuration steps.
- Made the login test mandatory to test the provided configuration.
Comment 1 Lucy Bopf 2017-11-28 01:47:39 UTC 
Note: There is a similar request for this in 4.1.z: https://bugzilla.redhat.com/show_bug.cgi?id=1464498
Comment 2 Lucy Bopf 2018-02-15 05:56:00 UTC 
Update to the requirement for this RFE:

The location of the examples was added in 4.1 and forward ported to 4.2 as part of bug 1464498.

This RFE should now be used to review the 'Attaching an Active Directory' section to determine whether and where changes are required based on 4.2 improvements.
Comment 3 Lucy Bopf 2018-02-15 05:59:09 UTC 
Accepting into Beta 3 program and assigning to Billy for review.

Billy, you may not be able to test this one directly, so I'd suggest starting by requesting an SME review of the mentioned section.

Martin Perina has been our SME on this topic.
Comment 6 Billy Burmester 2018-03-20 01:44:16 UTC 
Published updated procedure for 4.2beta: https://access.redhat.com/documentation/en-us/red_hat_virtualization/4.2-beta/html-single/administration_guide/#Attaching_an_Active_Directory