ldap assignment driver does not support inherited assignments
Bug #1404273 reported by
Henry Nash
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Identity (keystone) |
Won't Fix
|
Undecided
|
Unassigned |
Bug Description
The ldap assignment driver really has no support for inherited role assignments. This was not so bad when we just had domain->project inheritance (since the ldap backend doesn't support domains anyway!), but now that we have project->project inheritance, the ldap backend is significantly deficient.
To post a comment you must log in.
The LDAP assignment driver is likely to be deprecated (pending poll results) in which case, this bug will be marked as "wont fix". I'm leaving this bug un-triaged until we make the determination at the mid-cycle.