Bug 1539551

Summary: [Docs][RFE][Admin] Authenticating ovirt-provider-ovn against Active Directory
Product: Red Hat Enterprise Virtualization Manager Reporter: Tahlia Richardson <trichard>
Component: DocumentationAssignee: Tahlia Richardson <trichard>
Status: CLOSED CURRENTRELEASE QA Contact: Avital Pinnick <apinnick>
Severity: medium Docs Contact:
Priority: medium    
Version: 4.2.0CC: lbopf, lsurette, rbalakri, srevivo, ykaul
Target Milestone: ovirt-4.2.2Keywords: FutureFeature, Triaged
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard: docs-accepted
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2018-04-04 05:14:47 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: Docs RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1472747    
Bug Blocks:    

Description Tahlia Richardson 2018-01-29 07:53:04 UTC 
From comment 2 in BZ#1472747:

For Active Directory we need to use the following username format: <admin_username>@<ad_domain>@<auth_profile> when saving the settings in the provider window.

I used the following ovirt-provider-ovn.conf settings:

[AUTH]
auth-plugin=auth.plugins.ovirt:AuthorizationByGroup

[OVIRT]
ovirt-admin-role-id=def00005-0000-0000-0000-def000000005
ovirt-admin-group-attribute-name=AAA_AUTHZ_GROUP_NAME;java.lang.String;0eebe54f-b429-44f3-aa80-4704cbb16835
ovirt-admin-group-attribute-value=ovn_admins

This scenario needs to be documented.


Additional details can be found in the draft doc text of BZ#1472747.
Comment 1 Lucy Bopf 2018-02-15 06:27:17 UTC 
Accepting into Beta 3 program and assigning to Tahlia for review.
Comment 4 Tahlia Richardson 2018-04-04 05:14:47 UTC 
Now published at https://access.redhat.com/documentation/en-us/red_hat_virtualization/4.2-beta/html/administration_guide/sect-adding_external_providers#Add_Provider_General_Settings_Explained