RH318 - ch04s07

In this lab, you will assign additional roles to users in your Red Hat Virtualization environment and confirm that the roles have the expected effect.

Outcomes

You should be able to configure additional users with additional roles.

The Red Hat Enterprise Linux Identity Manager is installed, preconfigured, and running on the utility system.

The Red Hat Virtualization environment is configured to use the external directory service running on the utility system.

Log in as the student user on workstation and run the lab users-review start command. This command ensures that the Red Hat Virtualization environment is configured to use the Red Hat Enterprise Linux Identity Management server as a source for user information.

[student@workstation ~]$ lab users-review start

Assign the system-wide SuperUser role for the entire Red Hat Virtualization environment to the labadmin user from the lab.example.com profile.
On workstation, open Firefox and navigate to https://rhvm.lab.example.com/ovirt-engine. Click Administration Portal to log in to the web interface as the rhvadmin user, using the lab.example.com profile. The password is redhat.
In the menu click Administration, then click Configure.
In the Configure dialog box, click System Permissions.
Click the Add button to add a role to a user.
In the Add System Permission to User dialog box, select the User radio button, if not already selected. Click the drop-down list under Search to select the lab.example.com (lab.example.com-authz) option to use the user accounts from the Red Hat Enterprise Linux Identity Manager.
Click GO to display the users in the Red Hat Enterprise Linux Identity Manager server.
In the list of users that displays, select the check box for the labadmin user.
Click the drop-down list under Role to Assign. From the list of available roles, select the SuperUser role for labadmin.
Click OK to assign the specified role to the selected user. Notice that the labadmin user displays in the System Permissions list. This list confirms that the labadmin user has been assigned a role granting administrative access to Red Hat Virtualization.
In the Configure dialog box, click Close.
Sign out as admin from the Administration Portal.
For the Default data center only, assign DataCenterAdmin to labdcadmin from the lab.example.com profile. Use the labadmin user from the lab.example.com profile to perform this step. The password for labadmin is redhat.
Click Administration Portal to log in to the web interface as the domain user called labadmin with redhat as the password. Select the lab.example.com profile while logging in.
In the web interface, click Compute on the navigation pane on the left, and then click Data Centers from the options that display.
Click on the name of the Default data center.
In the page that displays, click on the Permissions tab.
Click the Add button to add a role to a user from the Red Hat Enterprise Linux Identity Manager.
In the Add Permission to User dialog box, click the User radio button, if not already selected. Click the drop-down list under Search to select the lab.example.com (lab.example.com-authz) item so that you can use the user accounts from the Red Hat Enterprise Linux Identity Manager.
Click GO to display the users in the Red Hat Enterprise Linux Identity Manager server.
In the list of users that displays, click the check box for the labdcadmin user.
Click the drop-down list under Role to Assign. From the list of available roles, select the DataCenterAdmin role for labdcadmin.
Click OK to assign the specified role to the selected user. Notice that the labdcadmin user displays in the Permissions list. This list confirms that the labdcadmin user has been assigned a role granting access to Red Hat Virtualization for the specific data center.
For only the Default data center, assign PowerUserRole to labpoweruser from the lab.example.com profile.
From the same Permissions tab for the Default data center, click the Add button.
In the Add Permission to User dialog box, click the User radio button, if not already selected. Click the drop-down list under Search to select the lab.example.com (lab.example.com-authz) item so that you can use the user accounts from the Red Hat Enterprise Linux Identity Manager.
Click GO to display the users in the Red Hat Enterprise Linux Identity Manager server.
In the list of users that displays, select the check box for the labpoweruser user.
Click the drop-down list under Role to Assign. From the list of available roles, select the PowerUserRole role for labpoweruser.
Click OK to assign the specified role to the selected user. Notice that the labpoweruser user displays in the Permissions list. This list confirms that the labpoweruser user has been assigned a role granting access to Red Hat Virtualization for the specific data center.
For only the Default data center, assign UserRole to labnormaluser from the lab.example.com profile.
From the same Permissions tab for the Default data center, click the Add button.
In the Add Permission to User dialog box, click the User radio button, if not already selected. Click the drop-down list under Search to select the lab.example.com (lab.example.com-authz) item to use the user accounts from the Red Hat Enterprise Linux Identity Manager.
Click GO to display the users in the Red Hat Enterprise Linux Identity Manager server.
In the list of users that displays, select the check box for the labnormaluser user.
Click the drop-down list under Role to Assign. From the list of available roles, select the UserRole role for labnormaluser.
Click OK to assign the specified role to the selected user. Notice that the labnormaluser user displays in the Permissions list. This list confirms that the labnormaluser user has been assigned a role granting access to Red Hat Virtualization for the specific data center.
Sign out as labadmin from the Administration Portal.
Verify that the proper roles have been assigned to the selected users by checking the level of access to the VM Portal for both labnormaluser and labpoweruser.
On the Red Hat Virtualization page located at http://rhvm.lab.example.com/ovirt-engine, click the VM Portal link.
Log in as labnormaluser with the password redhat. Select the lab.example.com profile while logging in.
The virtual machines that exist in the Red Hat Virtualization classroom environment are displayed. The labnormaluser user is allowed to start, stop, suspend, or reboot virtual machines, and can also access the console for those virtual machines. This confirms that the proper role has been assigned to labnormaluser.
Log out from the VM Portal.
Log back in to the VM Portal, this time as labpoweruser with the password redhat. Select the lab.example.com profile while logging in.
The Create Virtual Machine button displays. The presence of this button confirms that labpoweruser has the proper role assigned.
Sign out as labpoweruser from the VM Portal.

Evaluation

On workstation, run the lab users-review grade command to confirm that you have completed this exercise successfully.

[student@workstation ~]$ lab users-review grade

Finish

On workstation, run the lab users-review finish script to complete this exercise.

[student@workstation ~]$ lab users-review finish

This concludes the lab.

Discuss Red Hat Virtualization

Go to community

Welcome to the Red Hat Virtualization (RH318) group in the Red Hat Learning Community!

cschunke

26 wrz 2023

We are excited to launch a space dedicated to the Red Hat Training course Red Hat Virtualization! To gain the most value from this group - click the "Join Group" button in the upper right hand corner of the group home page.We encourage group members to collaborate in this group to discuss topics, ask questions, share best practices and tips, provide course feedback, and share their accomplishments as it relates to RH318.Read more about Red Hat Virtualization here.

284

Revision: rh318-4.3-c05018e