OpenStack Identity (keystone)

Do not create Domains entry in the LDAP

Bug #1194204 reported by Sahdev Zala on 2013-06-24

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	OpenStack Identity (keystone)	Fix Released	Medium	Sahdev Zala	OpenStack Identity (keystone) 2013.2 "havana"
	devstack	Fix Released	Undecided	Brad Topol

Bug Description

We are creating Domains entry in the devstack and while testing for live LDAP. This can be confusing and not needed since we do not support multiple domains in LDAP.

What we creating right now is,

dn: ou=Domains,dc=openstack,dc=org
objectClass: organizationalUnit
ou: Domains

See original description

Sahdev Zala (spzala) on 2013-06-24

summary:	- Do not create D + Do not create Domains entry in the LDAP
Changed in keystone:
assignee:	nobody → Sahdev Zala (spzala)

Brad Topol (btopol) on 2013-06-24

Changed in devstack:
assignee:	nobody → Brad Topol (btopol)

Revision history for this message

Sahdev Zala (spzala) wrote on 2013-06-24:

Brad, thanks for correcting - it's "we do not support multiple domains in LDAP" (not "multiple LDAP" as I mentioned in the description.. a typing error)

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2013-06-26: Fix proposed to devstack (master)

Fix proposed to branch: master
Review: https://review.openstack.org/34566

Changed in devstack:
status:	New → In Progress

Revision history for this message

Dolph Mathews (dolph) wrote on 2013-06-26:

Is there any work to track on the keystone side, or is this limited to devstack?

description:	updated
Changed in keystone:
status:	New → Incomplete

Revision history for this message

Sahdev Zala (spzala) wrote on 2013-06-26:

Hi Dolph, keystone work is needed as well and I will be doing it under this bug. Sorry, seems like I didn't provide enough information to understand the needed work. For Keystone,
1. we are creating "Domains" with live ldap test which is unnecessary and needs to be removed. This includes cleaning up python code for live ldap and config file we use for ldap testing. The TLS config file also has unwanted domains data that needs to be cleaned up as well.
2. we have quite a bit configuration data related to multiple domains (under config.py) which is unwanted now and needs to be cleaned up.

Hope makes sense. Thanks!

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2013-06-27: Fix merged to devstack (master)

Reviewed: https://review.openstack.org/34566
Committed: http://github.com/openstack-dev/devstack/commit/6e88f8e14f5e7f15e37ceebf0f588483ad4bb82b
Submitter: Jenkins
Branch: master

commit 6e88f8e14f5e7f15e37ceebf0f588483ad4bb82b
Author: Brad Topol <email address hidden>
Date: Wed Jun 26 10:26:33 2013 -0500

Remove creation of Domain entries in LDAP

Domain entries are no longer stored in keystone ldap.
Removing the creation from devstack ldap install

Fixes Bug 1194204

Change-Id: I9c93d3021cc2bb058d1ef57bebcf3a13dc5bdd34

Changed in devstack:
status:	In Progress → Fix Released

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2013-07-08: Fix proposed to keystone (master)

Fix proposed to branch: master
Review: https://review.openstack.org/36093

Changed in keystone:
status:	Incomplete → In Progress

Dolph Mathews (dolph) on 2013-07-08

Changed in keystone:
importance:	Undecided → Medium

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2013-07-11: Fix merged to keystone (master)

Reviewed: https://review.openstack.org/36093
Committed: http://github.com/openstack/keystone/commit/83be2d7a8151940516a59b8e962bf124c6744788
Submitter: Jenkins
Branch: master

commit 83be2d7a8151940516a59b8e962bf124c6744788
Author: Sahdev Zala <email address hidden>
Date: Mon Jul 8 09:51:06 2013 -0500

Do not create LDAP Domains sub tree

Since we do not support multiple domains in LDAP, creating Domains sub tree is
unnecessary and confusing.

Fixes Bug1194204

Change-Id: Ie340fe00bd57675afda58318d858ad2089a17a29

Changed in keystone:
status:	In Progress → Fix Committed

Thierry Carrez (ttx) on 2013-07-17

Changed in keystone:
milestone:	none → havana-2
status:	Fix Committed → Fix Released

Thierry Carrez (ttx) on 2013-10-17

Changed in keystone:
milestone:	havana-2 → 2013.2

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.