1063095 – (oVirt-AAA-LDAP) OVIRT35 - [RFE][AAA] engine should have a generic LDAP provider

Bug 1063095 (oVirt-AAA-LDAP) - OVIRT35 - [RFE][AAA] engine should have a generic LDAP provider

Summary: OVIRT35 - [RFE][AAA] engine should have a generic LDAP provider

Keywords:
Status:	CLOSED CURRENTRELEASE
Alias:	oVirt-AAA-LDAP
Product:	oVirt
Classification:	Retired
Component:	ovirt-engine-core
Sub Component:
Version:	3.5
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	unspecified
Target Milestone:	---
Target Release:	3.5.0
Assignee:	Alon Bar-Lev
QA Contact:	Ondra Machacek
Docs Contact:
URL:
Whiteboard:	infra
Duplicates (1):	1072861 (view as bug list)
Depends On:	584625 650593 675701 766601 798075 835438 840421 871408 885206 963936 980965 1053030 1062320 1064161 1072861 1104074 1110765 1118251 1130316 1131179 1134004 1134855 1136708 1151127 1165721 1171395 1172173 1180154 1213387
Blocks:	oVirt-AAA-rewrite 1083736
TreeView+	depends on / blocked

Reported:	2014-02-10 01:18 UTC by Yair Zaslavsky
Modified:	2016-02-10 19:35 UTC (History)
CC List:	9 users (show)
Fixed In Version:
Doc Type:	Enhancement
Doc Text:	Feature: A complete new LDAP support for ovirt-engine. Reason: Legacy LDAP support was complex implementation required kerberos, dns, ldap settings. It was monolithic in term of no new technologies can be added. No customization was possible. Result: A complete new implementation provided by the ovirt-engine-extension-aaa-ldap package. No migration sequence is provided, existing users can continue to use the legacy implementation. Migration can be done manually by adding the new provider, assigning permissions to users and group from the new provider, and removing the permissions of the users and groups of the old provider, during migration phase both providers can co-exist.
Clone Of:
Clones:	1072861 (view as bug list)
Environment:
Last Closed:	2014-10-17 12:36:00 UTC
oVirt Team:	Infra
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Description Yair Zaslavsky 2014-02-10 01:18:23 UTC

Description of problem:

Following BZ1032682 -
We should include a generic LDAP directory provider replacing the current ldap provider.
For this provider should be able to configure the queries and the returned attribute via a configuration file, in order to support adding future ldap vendors via configuration, and not via code.



Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1.
2.
3.

Actual results:


Expected results:


Additional info:

Comment 1 Barak 2014-03-05 08:11:51 UTC

2 additional requirements:
- to be able to build such a provider externally (outside of the engine code)
- such a generic provider should come with configuration templates for all 
  currently supported legacy providers (AD, IPA, RHDS, openLDAP ...)

Comment 2 Alon Bar-Lev 2014-03-16 20:45:21 UTC

*** Bug 1072861 has been marked as a duplicate of this bug. ***

Comment 3 Alon Bar-Lev 2014-06-11 14:30:55 UTC

moving to post as we have prototype.

Comment 4 Sandro Bonazzola 2014-10-17 12:36:00 UTC

oVirt 3.5 has been released and should include the fix for this issue.

Note You need to log in before you can comment on or make changes to this bug.