XCP-ng
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    XCP-ng Authentication to AD (2019)

    Scheduled Pinned Locked Moved Xen Orchestra
    6 Posts 3 Posters 1.3k Views 2 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M Offline
      musau
      last edited by olivierlambert

      Am trying to create a centralized xcp-ng 8.2 pool user management by adding it to Active Directory (Windows server 2019). Have created user groups and added corresponding users to the said groups.
      Am able to add the xcp-ng pool to AD and link respective groups successfully. Issue is when i try to reconnect as one of the users in those groups , i get:

      Sep 21 10:56:27 xcpone xapi: [error||4753 :::80||backtrace] Raised Server_error(SESSION_AUTHENTICATION_FAILED, [ 
testuser@grocone.com; Error: LW_ERROR_NOT_HANDLED (0x9c51) ]).

      Anyone with an insight ?
      lwsmd.service is running okay

      1 Reply Last reply Reply Quote 0
      • olivierlambertO Offline
        olivierlambert Vates 🪐 Co-Founder CEO
        last edited by olivierlambert

        Hi,

        We are not testing this feature during our QA. Usually, we advise to instead connect Xen Orchestra to your AD, without touching XCP-ng.

        I edited your post to use Markdown syntax, it's easier to read.

        M 1 Reply Last reply Reply Quote 0
        • M Offline
          musau @olivierlambert
          last edited by

          @olivierlambert Thanks for the insight much appreciated. do you have any guide you would recommend.

          1 Reply Last reply Reply Quote 0
          • olivierlambertO Offline
            olivierlambert Vates 🪐 Co-Founder CEO
            last edited by

            For XO it's relatively simple: https://xen-orchestra.com/docs/users.html#ldap

            For XCP-ng to AD, I have no idea. I think @Darkbeldin tried without success.

            DarkbeldinD M 2 Replies Last reply Reply Quote 0
            • DarkbeldinD Offline
              Darkbeldin Vates 🪐 Pro Support Team @olivierlambert
              last edited by

              @olivierlambert Yes I remember trying it, it wasn't working but I'm not sure I remember why.
              But mostly this is a feature intended for remote desktop user and why quit don't do that in XCP.
              You should not have lots of people given direct access to your hosts, as you said this should be done through XOA.

              1 Reply Last reply Reply Quote 0
              • M Offline
                musau @olivierlambert
                last edited by

                @olivierlambert Thanks for the link , seems i will go the XOA route as suggested by @Darkbeldin

                1 Reply Last reply Reply Quote 1
                • First post
                  Last post