openstack-manuals

keystone ldap now allows overloading of username and tenant name

Bug #1041704 reported by Tom Fifield
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
openstack-manuals
Fix Released
High
Tom Fifield
openstack-manuals folsom

Bug Description

As per https://review.openstack.org/#/c/11737/ - there's now this new ability for ldap-backed keystone, which should be added to the docs:

   633
   634 The default object classes and attributes are intentionally simplistic. They
   635 reflect the common standard objects according to the LDAP RFCs. However,
   636 in a live deployment, the correct attributes can be overridden to support a
   637 preexisting, more complex schema. For example, in the user object, the
   638 objectClass posixAccount from RFC2307 is very common. If this is the
   639 underlying objectclass, then the *uid* field should probably be *uidNumber* and
   640 *username* field either *uid* or *cn*. To change these two fields, the
   641 corresponding entries in the Keystone configuration file are::
   642
   643 [ldap]
   644 user_id_attribute = uidNumber
   645 user_name_attribute = cn

Tom Fifield (fifieldt)
Changed in openstack-manuals:
status: New → Confirmed
importance: Undecided → High
milestone: none → folsom
Tom Fifield (fifieldt)
Changed in openstack-manuals:
assignee: nobody → Tom Fifield (fifieldt)
status: Confirmed → In Progress
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to openstack-manuals (master)

Fix proposed to branch: master
Review: https://review.openstack.org/12620

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to openstack-manuals (master)

Reviewed: https://review.openstack.org/12620
Committed: http://github.com/openstack/openstack-manuals/commit/5f018d18ed5444bf43dd1d326399e88703f0ff6b
Submitter: Jenkins
Branch: master

commit 5f018d18ed5444bf43dd1d326399e88703f0ff6b
Author: Tom Fifield <email address hidden>
Date: Sat Sep 8 11:28:56 2012 +1000

    Extended section on overloading ldap attrs

    fixes bug 1041704

    This new overloading attributes functionality was introduced
    recently, and this patch extends the section with some text
    stolen from the keystone commit notes.

    Change-Id: Ibed2b12bc43ae4220128c5ce8435f83a74758a16

Changed in openstack-manuals:
status: In Progress → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.