You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@vcl.apache.org by "ASF subversion and git services (JIRA)" <ji...@apache.org> on 2016/10/19 17:09:58 UTC
[jira] [Commented] (VCL-867) Active Directory Authentication for
Windows VM's
[ https://issues.apache.org/jira/browse/VCL-867?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15589277#comment-15589277 ]
ASF subversion and git services commented on VCL-867:
-----------------------------------------------------
Commit 1765685 from [~jfthomps] in branch 'vcl/trunk'
[ https://svn.apache.org/r1765685 ]
VCL-277 - Add support for images to join Active Directory domains
VCL-867 - Active Directory Authentication for Windows VM's
vcl.sql:
-added definition of addomain table
-put backticks around field names for connectlog table (unrelated to this JIRA)
-added definition of imageaddomain table
-added addomain entry to resourcetype table
-added 'All AD Domains' entry to resourcegroup table
-added entries for administer and manageGroup for 'All AD Domains' group to resourcepriv table
-added addomainAdmin entry to userprivtype table
-added entries to give admin user and adminUsers group addomainAdmin privilege at admin node in userpriv table
update-vcl.sql:
-added definition of addomain table
-put backticks around field names for connectlog table (unrelated to this JIRA)
-added definition of imageaddomain table
-added insert for addomain entry to resourcetype table
-added insert for 'All AD Domains' entry to resourcegroup table
-added inserts for entries for administer and manageGroup for 'All AD Domains' group to resourcepriv table
-added insert for addomainAdmin entry to userprivtype table
-added inserts for entries to give admin user and adminUsers group addomainAdmin privilege at admin node in userpriv table
> Active Directory Authentication for Windows VM's
> ------------------------------------------------
>
> Key: VCL-867
> URL: https://issues.apache.org/jira/browse/VCL-867
> Project: VCL
> Issue Type: New Feature
> Components: database, vcld (backend), web gui (frontend)
> Reporter: Junaid Ali
> Labels: features
> Fix For: 2.5
>
> Attachments: managementnode.patch, vmadsauth.sql, web.patch
>
>
> The current VCL application creates local user accounts for each reservation. There is a need to provide active directory authentication so as to provide access to domain resources like profile and network shares during the VCL reservation.
> This patch updates the VCL database by creating two additional tables:
> activedirectorydomain -> used to store active directory related information
> imageactivedirectorydomain -> used to store mapping of which images use which active directory domain.
> A new column is added to the reservation table to hold current active directory information for that particular reservation.
> The patch updates the VCL backed (vcld) to add functionality to make the windows images part of the active directory domain. It also sets the computer's hostname to be the same as defined in the database. This is done to prevent creation of a lot of temporary computer objects within Active Directory. The process of domain join add's two reboots (one for hostname update and one for domain join). After each reboot the cygwin_rebase scripts are run to reconfigure SSHD.
> The patch also updates the VCL frontend to allow management of Active directory domains within the system and also manage the association of VCL images and active directory domains. There is an option to enable moving computer objects to specific Active directory Organization Unit's for better grouping and ability to apply custom policies to custom group of images on the Active directory side. This option was working in Cygwin 1.5 but stopped working in Cygwin 1.7 due to some path issues. I left this option in the front-end while I look for resolution within Cygwin 1.7.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)