Bug 1380128 - [RFE] Use authz name instead of profile name as domain for Cloud-Init/Sysprep for windows guests.
Summary: [RFE] Use authz name instead of profile name as domain for Cloud-Init/Sysprep...
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Virtualization Manager
Classification: Red Hat
Component: ovirt-engine
Version: 4.0.3
Hardware: x86_64
OS: Linux
unspecified
low
Target Milestone: ovirt-4.1.2
: ---
Assignee: Ondra Machacek
QA Contact: Israel Pinto
URL:
Whiteboard:
Depends On: 1425122
Blocks:
TreeView+ depends on / blocked
 
Reported: 2016-09-28 17:35 UTC by Ameya Charekar
Modified: 2019-12-16 06:56 UTC (History)
13 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2017-05-24 11:21:53 UTC
oVirt Team: Infra
Target Upstream Version:
Embargoed:
ipinto: testing_plan_complete+

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHEA-2017:1280 0 normal SHIPPED_LIVE Red Hat Virtualization Manager (ovirt-engine) 4.1.2 2017-05-24 15:18:48 UTC
oVirt gerrit 66241 0 None None None 2016-11-08 10:18:03 UTC

Description Ameya Charekar 2016-09-28 17:35:48 UTC 
Description of problem:

We can customize profile name that will be visible to users while configuring an External LDAP Provider for AD. Profile name is reflected in Domain field while using initial run for windows vm. For profile name created with space we can not save vm without manual changes.

Version-Release number of selected component (if applicable):
ovirt-engine-extension-aaa-ldap-1.2.1-1.el7ev.noarch
ovirt-engine-extension-aaa-ldap-setup-1.2.1-1.el7ev.noarch

How reproducible:

Always.

Steps to Reproduce:
1. Run ovirt-engine-extension-aaa-ldap-setup for configuring AD.
2. Provide profile name with space:
Please specify profile name that will be visible to users [<domain>.com]: <name with space>
3. For windows guest after enabling Use Cloud-Init/Sysprep unable to save vm as domain name with space is not allowed.

Actual results:

Domain name is profile name.

Expected results:

Domain name should be from "vars.domain = <domain>.com" irrespective of profile name.

Additional info:
Comment 1 Martin Perina 2016-09-29 12:19:36 UTC 
Currently profile name and authz name must be set to do domain name in order for both cloud-init/sysprep and VM Signle Sign-On to work correctly. If you want to have profile name different from domain name, then please change the bug to RFE and we could probably change the code to use only authz name for cloud-init/sysprep and VM Signle Sign-On in future.
Comment 9 Martin Perina 2016-10-06 19:05:06 UTC 
Currently profile name is used as domain name when configuring cloud-init/sysprep for Windows guest. But this is wrong, because we have no restrictions/recommendations for profile name and when user is successfully logged into engine we know only his authz name, but not profile name (multiple profile names can be mapped into single authz name). Also only authz name is required to be set to domain name for Windows guests features like Single Sign-On for VMs.
Comment 14 Israel Pinto 2017-05-04 08:03:14 UTC 
Verify with: 
RHVM Version: 4.1.2-0.1.el7

Steps:
1. Run ovirt-engine-extension-aaa-ldap-setup for configuring AD.
2. [Edit VM]
Create VM with 'other os' and update OS version to window_XX (desktop/server)
Enable sysprep and check that domain is update with 'aaaProfileName'
3. [New VM]
Create VM with OS version window_XX (desktop/server)
Enable sysprep and check that domain is update with 'aaaProfileName'

Results:
All cases pass
Comment 16 errata-xmlrpc 2017-05-24 11:21:53 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHEA-2017:1280
Note You need to log in before you can comment on or make changes to this bug.