© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
f33e652
(Get the code!)
FWIW I decided against doing this when initially implementing, because the keystoneclient interfaces expect either name or ID, and we'd have to have conditional logic to pass the appropriate kwarg, and/or introduce two config file options (as there's no reliable way of deducing whether the stack_user_domain provided by the user is a name or ID)
The other potential issue is sometimes if you pass a name not ID to keystoneclient, it introduces additional policy requirements, e.g doing this may mean that all users need permission to list all domains. So we'll have to test to ensure that's not the case.
Overall, since it's a set-once deployer option (not a user-facing one) it seemed easier and safer to just use the ID consistently.