How do you specify the target OU when adding to Active Directory

We are trying to add a system to a domain using Active Directory, and we are getting the error "no user was found for x@example.com, trying next ldap server". We have multiple OUs here and are wondering how, or if, we can specify a specific OU that we have rights to.

Responses

I don't get it - what system? Are you trying to add a RHEV-M system to a Windows Active Directory? Or a RHEV-H host? In either case - why? The requirement for Windows for RHEV-M went away with RHEV 3.0.

If trying to add a Windows VM to Active Directory, the rules are exactly the same as if that VM were a physical machine.  

But I don't get what you're trying to do.

- Greg Scott

Yes, we are trying to add RHEV-M to Active Directory, so we can configure the web portal for domain authentication.

When running this command:

rhevm-manage-domains -action=add -domain=example.com -user=admin -provider=ActiveDirectory -interactive

we get a message saying no user in directory was found for admin@example.com trying next ldap server in list. No, we are not using admin and example.com; we are using our company domain and user account. Wondering why it will not run correctly? Maybe I need to specify a specific OU to join?

I believe the "-user" is what is causing issues. 

This is the syntax I utilize for our environment.

# rhevm-manage-domains -action=add -domain='corp.company.com' -provider=activeDirectory -user='ldap_svc@corp.company.com' -passwordFile=/root/.corp-psw
 

I believe a best practice is to create a "service account" in AD which has the ability to browse the directory (which is what we have done).

Also - you should validate that your system is able to retrieve the LDAP/AD SRV DNS records for the domain you are using.

# dig SRV _kerberos._udp.corp.company.com

# nslookup -type=SRV _ldap._tcp.corp.company.com

# host -t SRV _ldap._tcp.corp.company.com
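
The SRV lookup above and a permission check on the `-passwordFile` can be scripted as pre-flight checks. This is an added example, not part of the original post or of Red Hat's tooling; the function names are hypothetical and the sample DNS answer is constructed.

```bash
#!/usr/bin/env bash
# Added example: offline-testable pre-flight checks (function names are hypothetical).

# Read `dig +short SRV <name>` output on stdin ("priority weight port target.")
# and print "target:port", lowest priority value first. Non-record lines are skipped.
srv_targets() {
    awk 'NF == 4 && $1 ~ /^[0-9]+$/ && $3 ~ /^[0-9]+$/ {
             sub(/\.$/, "", $4); print $1, $4 ":" $3 }' |
        sort -n -k1,1 | awk '{ print $2 }'
}

# Succeed only if the SRV answer on stdin contains at least one usable record.
has_srv_targets() {
    [ -n "$(srv_targets)" ]
}

# Succeed only if the password file is a regular file with no group/other
# permission bits (for example 600 or 400). ACLs are not inspected.
pwfile_is_private() {
    [ -f "$1" ] || return 1
    case "$(ls -ld -- "$1" | awk '{ print $1 }')" in
        -???------*) return 0 ;;
        *) return 1 ;;
    esac
}

# Constructed sample of `dig +short SRV _ldap._tcp.corp.company.com` output,
# including a resolver warning line that must be ignored.
SAMPLE_SRV='10 100 389 dc2.corp.company.com.
0 100 389 dc1.corp.company.com.
;; connection timed out'

# Demo on the constructed sample.
printf '%s\n' "$SAMPLE_SRV" | srv_targets

# Live use on the RHEV-M host (needs dig and DNS access):
#   dig +short SRV _ldap._tcp.corp.company.com | has_srv_targets || echo "no LDAP SRV records"
#   pwfile_is_private /root/.corp-psw || echo "password file is readable by group/other"
```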

It is still not working. I was able to verify that I am able to retrieve the LDAP server DNS records for our domain. Still getting the same error "No user in directory was found...."

rhevm-manage-domains -action=add -domain='corp.company.com' -provider=ActiveDirectory -user='user_ldap@.corp.company.com' -passwordFile=/root/.corp-psw

Any other ideas?

Thanks for your help!
