ldap Identity backend TenantAPI bugs
Bug #980085 reported by
Derek Yarnell
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Identity (keystone) |
Fix Released
|
Critical
|
Adam Young |
Bug Description
There are two issues with the TenantAPI for the ldap Identity.
There is a mistaken attribute_mapping entry, which was mapping 'description' into 'desc'. Per RFC 2256 there should be no need to map this as the attribute as it is already 'description' in the LDAP schema. I am not aware of any other schema that would use 'desc' attribute for a 'groupOfNames' object.
Since there is no support (yet) for users, tenants or roles to be enabled/disabled there needs to be a attribute_ignore set for the 'enabled' attribute.
Attached is a diff of the changes.
Changed in keystone: | |
assignee: | nobody → Adam Young (ayoung) |
Changed in keystone: | |
importance: | Undecided → Medium |
Changed in keystone: | |
importance: | Medium → Critical |
milestone: | none → folsom-rc1 |
Changed in keystone: | |
status: | Fix Committed → Fix Released |
Changed in keystone: | |
milestone: | folsom-rc1 → 2012.2 |
To post a comment you must log in.
I've tested the changes and they look good and work.
I'll post a patch to gerrit. Please contact me with the appropriate values to put in as the patch author.