Bug 1464498 - [Docs][Admin] Note that AD configuration examples are available in README files in the ovirt-engine-extension-aaa-ldap package [NEEDINFO]
[Docs][Admin] Note that AD configuration examples are available in README fil...
Status: NEW
Product: Red Hat Enterprise Virtualization Manager
Classification: Red Hat
Component: Documentation (Show other bugs)
4.1.0
Unspecified Unspecified
medium Severity unspecified
: ovirt-4.1.6
: ---
Assigned To: rhev-docs@redhat.com
rhev-docs@redhat.com
: FutureFeature
Depends On: 1462294 1472254
Blocks:
  Show dependency treegraph
 
Reported: 2017-06-23 10:56 EDT by Marian Jankular
Modified: 2017-08-07 20:44 EDT (History)
12 users (show)

See Also:
Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed:
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: Docs
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---
lbopf: needinfo? (mjankula)


Attachments (Terms of Use)

  None (edit)
Description Marian Jankular 2017-06-23 10:56:20 EDT
Description of problem:
ovirt-engine-extension-aaa-ldap is working most of the time, however lot of customers have special setups (multiple A records for each domain controller, domain/forest trusts, domain controllers behind firewall so they can not use srvrecord serverset for example)
Would it be possible to document all the possible directives because all i have found is:

https://github.com/oVirt/ovirt-engine-extension-aaa-ldap/blob/master/README.profile 
https://github.com/oVirt/ovirt-engine-extension-aaa-ldap

And that is not all off it. It would be nice if customers could find it on redhat customer portal with all directives described.

Thank you very much in advance.
Comment 1 Martin Perina 2017-06-23 15:19:02 EDT
(In reply to Marian Jankular from comment #0)
> Description of problem:
> ovirt-engine-extension-aaa-ldap is working most of the time, however lot of
> customers have special setups (multiple A records for each domain
> controller, domain/forest trusts, domain controllers behind firewall so they
> can not use srvrecord serverset for example)
> Would it be possible to document all the possible directives because all i
> have found is:
> 
> https://github.com/oVirt/ovirt-engine-extension-aaa-ldap/blob/master/README.
> profile 
> https://github.com/oVirt/ovirt-engine-extension-aaa-ldap
> 
> And that is not all off it. It would be nice if customers could find it on
> redhat customer portal with all directives described.
> 
> Thank you very much in advance.

Other details can be found at [1] and we also have oVirt AAA FAQ [2], which we are extending when someone report problem which can be interesting also for others.

We can add some additional documentation, but aaa-ldap is so extensible, that pretty much anything can be achieved by changing property files. Anyway providing more detailed description of all properties and all possible customizations is a huge task ...


[1] https://github.com/oVirt/ovirt-engine-extension-aaa-ldap/blob/master/README
[2] http://www.ovirt.org/develop/release-management/features/infra/aaa_faq/
Comment 6 Martin Perina 2017-08-03 09:02:57 EDT
As a part of BZ1462294 (RHV 4.2) and BZ1472254 (RHV 4.1.5) we will provide examples for most common AD configurations which cannot be configured using ovirt-engine-extension-aaa-ldap-setup tool. Examples with corresponding README.md files will be part of ovirt-engine-extension-aaa-ldap package, so you can link or even fully document those examples in Administration Guide
Comment 7 Lucy Bopf 2017-08-07 20:34:48 EDT
Thanks, Martin! That's great. We've decided that we'll mention these examples in the Admin Guide, and tell users where to find them. That way, you can update the examples in the package at any time, and we won't need to update the Admin Guide to match.

Note You need to log in before you can comment on or make changes to this bug.