Ovirt with ldap authentication source
I want ovirt to auth to our work's ldap server, but the default engine domain system expects you to have kerberos. There is however a new AAA module that you can use.
First, install it
yum install ovirt-engine-extension-aaa-ldap
So we have a look at the package listing to see what could be a good example:
rpm -ql ovirt-engine-extension-aaa-ldap
....
/usr/share/ovirt-engine-extension-aaa-ldap/examples/simple/
So we copy our example in place:
cp -r /usr/share/ovirt-engine-extension-aaa-ldap/examples/simple/* /etc/ovirt-engine/
Now we edit the values in /etc/ovirt-engine/aaa/profile1.properties to match our site, then restart the engine service.
Finally, we need to login is as our admin user, then go to configure and assign our user a role. This should allow them to login.
I'm seeing some issues with group permissions at the moment, but I suspect that is a schema mismatch issue.
This was a really valuable resource.