[Ovirt-devel] [PATCH] replace kadmin.local with ipa-* commands
Ian Main
imain at redhat.com
Thu May 29 00:32:31 UTC 2008
On Wed, 28 May 2008 23:17:38 +0200
Alan Pevec <apevec at redhat.com> wrote:
> replace kadmin.local with ipa-* commands
>
> We should not use kadmin with IPA, see http://freeipa.org/page/IpaConcepts#How_IPA_and_Kerberos_Work_Together
> This change makes finally 'grant_admin_privileges ovirtadmin' work, since now we get user object created at expected prefix cn=users,cn=accounts
>
> 'grant_admin_privileges admin' is removed, admin is IPA system account and has nothing to do with oVirt
Hey Alan, I ran this and in the log you see:
The password for this file is in /etc/dirsrv/slapd-PRIV-OVIRT-ORG/pwdfile.txt
/etc/rc3.d/S95ovirt-wui-dev-first-run: line 20: kinit: command not found
Could not initialize GSSAPI: Unspecified GSS failure. Minor code may provide more information/No credentials cache found
Could not initialize GSSAPI: ('Unspecified GSS failure. Minor code may provide more information', 851968)/('No credentials cache found', -1765328189)
so I'll add the kerb bin dir to the path and try it again.
Ian
More information about the ovirt-devel
mailing list