ldap anonymous bind
Bug #1762587 reported by
William Hankard
This bug affects 2 people
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Keystone LDAP integration |
Fix Committed
|
Wishlist
|
Samuel Allan |
Bug Description
When using the keystone-ldap charm to deploy against an ldap server, the ldap-user and ldap-password are required fields. In instances where no credentials are needed like in an anonymous bind situation one needs to populate dummy data in these fields for the charm to be unblocked for the deployment to proceed. To have keystone query an ldap directory the ldap-user and ldap-password is not needed to successfully bind to the directory. Would it be possible to introduce a feature for using anonymous bind. Thank you
Anonymous bind is supported since Ocata:
https:/
Changed in charm-keystone-ldap: | |
importance: | Undecided → Wishlist |
status: | New → Triaged |
Changed in charm-keystone-ldap: | |
assignee: | nobody → Samuel Walladge (swalladge) |
status: | Triaged → In Progress |
description: | updated |
To post a comment you must log in.
Just an update. If I remove the values ldap-user/ ldap-password from /etc/keystone/ domains/ keystone. domain. conf and restart the keystone service I am able to authenticate against the directory.