[Ovirt-devel] Remote access with firefox to ovirt

[Thomas von Steiger]

Hello Alan, Cris,

Thank you for the answer. That's greate, spacewalk and ovirt...:-)
For using kerberos are we don't need a principal in the keytab file  
like ovirtadmin at PRIV.OVIRT.ORG ?
Are there other ketabfiles because with kadmin.local listprincs the  
principales are there. But not i the ovirt.keytab files.

[root at management ~]# ktutil -t /usr/share/ovirt-wui/ovirt.keytab
ktutil:  list
slot KVNO Principal
---- ----  
---------------------------------------------------------------------
ktutil:  quit
[root at management ~]# ktutil -t /usr/share/ovirt-wui/ovirtadmin.tab
ktutil:  list
slot KVNO Principal
---- ----  
---------------------------------------------------------------------
ktutil:

kadmin.local:  addprinc root/admin

With kadmin.local on the developer node i have no access to
ktadd -k /usr/share/ovirt-wui/ovirtadmin.tab ovirtadmin at PRIV.OVIRT.ORG


Thomas




On Jun 20, 2008, at 4:55 PM, Alan Pevec wrote:

> Chris Lalancette wrote:
>> 3)  kinit ovirtadmin at PRIV.OVIRT.ORG (password is ovirt)
>
> I'm sorry, I misinformed Chris here: for ovirtadmin we create keytab  
> which resets initial 'ovirt' to a random password.
> You need to transfer ktab from 'developer' and kinit with it:
> scp 192.168.50.2:/usr/share/ovirt-wui/ovirtadmin.tab .
> kinit -k -t ovirtadmin.tab
>> 4)  Start up firefox on your host machine, then go to about:config,  
>> type in
>> "negotiate", and then edit:
>> network.negotiate-auth.delegation-uris -> priv.ovirt.org
>> network.negotiate-auth.trusted-uris -> priv.ovirt.org
>> That should be it; you should now be able to browse to http://192.168.50.2/ovirt
>> and see the management WUI from the host machine.
>
> Access via IP won't work and it's not enough to add  
> management.priv.ovirt.org to /etc/hosts
> You need to set your DNS server to wui appliance, add to the top of / 
> etc/resolv.conf:
> nameserver 192.168.50.2
>
> restart firefox and access http://management.priv.ovirt.org/ovirt/
>