14.5. Migrating from the Legacy Provider to the New Extension-Based Provider

Directory servers configured using the domain management tool are not supported after Red Hat Enterprise Virtualization 3.6. If your directory servers are configured using the domain management tool, it is highly recommended to migrate to the new extension-based provider. Two options are available:
  • Attach the directory server using the new extension-based provider, verify that it is working, and remove the old directory server profile configured using the domain management tool.
  • An upstream tool is also available to assist with automating the migration. The migration tool can be downloaded at https://github.com/machacekondra/ovirt-engine-kerbldap-migration/releases. Currently this option is only supported by opening a support case with Red Hat.

Procedure 14.6. Manual Migration from the Legacy Provider to the New Extension-Based Provider

  1. Use the interactive setup tool to attach directory servers using the new extension-based provider. See Section 14.3.1, “Configuring an External LDAP Provider (Interactive Setup)” for more information. The interactive setup script asks you to perform search and login queries to verify that the setup was successful. You can also log in to the Administration Portal to verify that the directory server has been successfully attached. At this stage the same directory server is attached twice: once using the legacy provider with the domain management tool, and once using the new extension-based provider. To distinguish between the two, the profile names must be different. You can rename the new profile after the legacy profile has been removed.
  2. After verifying that the new setup was successful, remove the old directory server profile:
    # engine-manage-domains delete --domain=directory.demo.example.com
  3. Log in to the Administration Portal, and remove all users and groups related to the old profile. Users defined in the removed domain will no longer be able to authenticate with the Red Hat Enterprise Virtualization Manager. The entries for the affected users will remain defined in the Red Hat Enterprise Virtualization Manager until they are explicitly removed from the Administration Portal.
  4. Optionally, rename the profile of the directory server to the name originally used, then restart the engine service:
    # vi /etc/ovirt-engine/extensions.d/profile1-authn.properties
    ovirt.engine.aaa.authn.profile.name = New_profile_name
    # service ovirt-engine restart
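
The optional rename in step 4 can also be scripted. The following is an added example, not part of the original procedure or of the product's tooling: it refuses a name that another extension profile already uses, keeps a backup copy, and rewrites only the profile name key. The function names, the `.bak` suffix, the allowed-character rule and the `*-authn.properties` glob (inferred from the file name in step 4) are assumptions of this example.

```shell
#!/bin/sh
# Added example: non-interactive version of the optional rename step.
KEY_RE='ovirt\.engine\.aaa\.authn\.profile\.name'   # key shown in step 4

# Print the profile name set in one authn properties file (empty if unset).
get_profile_name() {
    sed -n "s/^[[:space:]]*${KEY_RE}[[:space:]]*=[[:space:]]*//p" "$1" |
        tail -n 1 | sed 's/[[:space:]]*$//'
}

# rename_profile DIR FILE NEW_NAME
# Returns 0 on success, 1 if NEW_NAME is taken by another extension profile,
# 2 on bad input. It does not restart the engine.
rename_profile() {
    dir=$1; target=$2; new=$3
    [ -f "$target" ] || { echo "no such file: $target" >&2; return 2; }
    # Allow only characters that need no escaping in sed or in the file
    # (a limit chosen for this example, not a documented product rule).
    case $new in
        ''|*[!A-Za-z0-9_.-]*) echo "unsupported profile name: $new" >&2; return 2 ;;
    esac
    [ -n "$(get_profile_name "$target")" ] ||
        { echo "profile name key not found in $target" >&2; return 2; }
    # Profile names must differ between attached extension profiles.
    for f in "$dir"/*-authn.properties; do
        [ -f "$f" ] || continue
        [ "$f" = "$target" ] && continue
        if [ "$(get_profile_name "$f")" = "$new" ]; then
            echo "profile name '$new' is already used by $f" >&2
            return 1
        fi
    done
    # Keep a copy, then rewrite in place so ownership and mode are unchanged.
    cp -p "$target" "$target.bak" || return 2
    sed "s/^\([[:space:]]*${KEY_RE}[[:space:]]*=\).*/\1 $new/" "$target.bak" > "$target"
}
```

Run it only after the legacy profile has been removed in step 2, for example `rename_profile /etc/ovirt-engine/extensions.d /etc/ovirt-engine/extensions.d/profile1-authn.properties New_profile_name`, and then restart the engine service as shown in step 4.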