Doc text for BZ#1249639: " Feature: Legacy provider for 'internal' domain was replaced by aaa-jdbc provider, so following things needs to be documented for RHEVM 3.6.0: 1. During the upgrade 'internal' domain is converted from legacy provider to aaa-jdbc provider, password for 'admin@internal' is preserved. For new installation aaa-jdbc provider is installed by default and 'admin@internal' password is set during engine-setup execution. 2. There's completely new infrastructure how to manage users/groups/passwords provided by aaa-jdbc provider, for details please take a look at feature page http://www.ovirt.org/Features/AAA_JDBC 3. Document that describes how to change password of admin@internal is no longer valid for RHEV 3.6: https://access.redhat.com/solutions/63677 Please update it with information contained in feature page. 4. aaa-jdbc provider is contained in ovirt-engine-extension-aaa-jdbc package which is not upgraded automatically by engine-setup (only specific upgrades are forced to be applied during engine-setup execution). So if user wants aaa-jdbc to be upgraded he needs to execute following commands: yum update ovirt-engine-extension-aaa-jdbc service restart ovirt-engine " +++ This bug was initially created as a clone of Bug #1249639 +++ Changing internal domain to work with the jdbc extension --- Additional comment from Pavel Stehlik on 2015-08-18 03:41:46 EDT --- CodeChange? Or how should be tested? --- Additional comment from Martin Perina on 2015-08-18 09:23:43 EDT --- Legacy provider for 'internal', which supports only only one user (admin) and no groups, was replaced with aaa-jdbc provider which supports unlimited number of users and groups same as aaa-ldap provider. So I think that verification should be similar to 1076971: 1. Upgrade for previous version is OK, internal legacy provider is replaced with aaa-jdbc, admin@internal can be logged in with the same password as before 2. New installation is OK, aaa-jdbc is configured properly, admin@internal can be logged in using password specified during engine-setup 3. For both upgrade and new installation verify that user/groups management using ovirt-aaa-jdbc-tool command works correctly
(In reply to Andrew Burden from comment #0) >So if user wants aaa-jdbc to be upgraded he needs to execute following commands: > > yum update ovirt-engine-extension-aaa-jdbc > service restart ovirt-engine AFAIK it's not enough. ie. DB upgrade is run within engine-setup command. That means to properly upgrade you need to run: yum update ovirt-engine-extension-aaa-jdbc engine-setup service restart ovirt-engine
this is an automated message. oVirt 3.6.0 RC3 has been released and GA is targeted to next week, Nov 4th 2015. Please review this bug and if not a blocker, please postpone to a later release. All bugs not postponed on GA release will be automatically re-targeted to - 3.6.1 if severity >= high - 4.0 if severity < high
(In reply to Ondra Machacek from comment #1) > (In reply to Andrew Burden from comment #0) > >So if user wants aaa-jdbc to be upgraded he needs to execute following commands: > > > > yum update ovirt-engine-extension-aaa-jdbc > > service restart ovirt-engine > > AFAIK it's not enough. ie. DB upgrade is run within engine-setup command. > That means to properly upgrade you need to run: > > yum update ovirt-engine-extension-aaa-jdbc > engine-setup > service restart ovirt-engine I've updated README.admin in ovirt-engine-extension-aaa-jdbc package with concrete steps to install/upgrade aaa-jdbc profiles: https://gerrit.ovirt.org/gitweb?p=ovirt-engine-extension-aaa-jdbc.git;a=blob_plain;f=README.admin;hb=38dcec6efd9141b8dc6c6395b501bc231bb8ffc4
Upgrade of aaa-jdbc extension has been changed by BZ1293338. There's no need for manual upgrade of 'internal' profile, everything is done automatically by engine-setup. Only custom aaa-jdbc profiles have to be upgraded manually. Updated installation info can be found at https://gerrit.ovirt.org/gitweb?p=ovirt-engine-extension-aaa-jdbc.git;a=blob_plain;f=README.admin
Documentation available at: https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Virtualization/3.6-Beta/html/Administration_Guide/sect-Administering_User_Tasks_From_the_commandline.html
*** Bug 1302273 has been marked as a duplicate of this bug. ***