[Freeipa-users] Adding FreeIPA as a vsphere identity source

Gianluca Cecchi gianluca.cecchi at gmail.com
Wed Mar 4 13:13:06 UTC 2015


On Wed, Mar 4, 2015 at 9:43 AM, <reesb at hushmail.com> wrote:

> Hi,
> I've read the thread from Nov and checked out
> http://www.freeipa.org/page/HowTo/vsphere5_integration however I'm still
> having trouble getting vSphere to use FreeIPA as an identity source.
>
> I've set the base DN for users and groups, the connection URL and username
> and password, and my vadmin account connects correctly; however, when I try to
> log in as a user (to whom I've assigned permissions) I get an
> authentication error that states it may be caused by a malfunctioning
> identity source.
>
> Also, I have modified my LDAP schema as directed in the howto; however (and
> I'm pretty sure this is the root of my problem) I notice that when I do an
> ldapsearch for a group to which I've assigned administrator permissions it
> does not have the 'uniqueMember' attribute. The ldapmodify command seemed
> to run correctly without any complaints. Also, I'm running FreeIPA 4.1.
>
>
> [snip]

>
>
> Does anyone have any suggestions?
>
>
>
Hello,
I did write that howto based on my test configuration, which was composed of:

- vSphere 5.1 (no updates)
- IPA packages 3.3.3-28.0.1.el7.centos.3 as provided in CentOS 7 at the
beginning of December 2014

What's your version of vSphere? I didn't test it, but a couple of other guys
notified me about problems with 5.5.
Also, stupid question, I presume you had configured exactly as in my test case,
where the IPA domain was localdomain.local, based on your output, correct?
Please provide the output of the ldapsearch command requested by Martin too.

Thanks,
Gianluca