Is it possible for one RHEV-M server to authenticate with multiple LDAP/IPA domains?

Latest response

It is possible to authenticate against multiple AD/IPA domains with both RHEV 2.2 or RHEV 3.0.

Utilizing multiple LDAP domains may indeed work, but this functionality is not officially supported by Red Hat since it has not been fully integrated. This may be supported in a future RHEV 3 minor release.

Responses

RHEV Manager 2.2 support for multiple domains is for Active Directory, and only if there is a trust relationship between the domains.

 

For 3.0 we are adding Local IPA support that will co-exist with the above.

This means that:

1. If you chose during RHEV Manager setup to use local authentication (IPA in local mode) you'll be able later to add multiple Active Directory domains as in 2.2.

 

2. If you chose during RHEV Manager setup to use Active Directory (remote option) then you'll be able to add more AD domains the same as for 2.2.

 

To achive that RHEV Manager provides a script (coming up in beta2) that will allow to add more domains.

 

P.S.

The script will allow to add domains that have no trust relationship and/or external IPA, however this is unsupported tech prview.