keystone ldap now allows overloading of username and tenant name
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
openstack-manuals |
Fix Released
|
High
|
Tom Fifield |
Bug Description
As per https:/
633
634 The default object classes and attributes are intentionally simplistic. They
635 reflect the common standard objects according to the LDAP RFCs. However,
636 in a live deployment, the correct attributes can be overridden to support a
637 preexisting, more complex schema. For example, in the user object, the
638 objectClass posixAccount from RFC2307 is very common. If this is the
639 underlying objectclass, then the *uid* field should probably be *uidNumber* and
640 *username* field either *uid* or *cn*. To change these two fields, the
641 corresponding entries in the Keystone configuration file are::
642
643 [ldap]
644 user_id_attribute = uidNumber
645 user_name_attribute = cn
Changed in openstack-manuals: | |
status: | New → Confirmed |
importance: | Undecided → High |
milestone: | none → folsom |
Changed in openstack-manuals: | |
assignee: | nobody → Tom Fifield (fifieldt) |
status: | Confirmed → In Progress |
Fix proposed to branch: master /review. openstack. org/12620
Review: https:/