Without this change, when an admin tries to delete an LDAP-backed
domain, it fails due to the foreign key relationship in the users table.
Previously, we were assuming that LDAP users existed solely in the LDAP
directory, but this is not true with shadow users. This patch fixes the
logic to delete the shadow users upon domain deletion.
Change-Id: I12a08001e3aa08e4db9438cae425ad1a0a8070f7
Closes-bug: #1801873
(cherry picked from commit 1b16725d066f71a833ca74656c0c3dfe5f815e98)
Reviewed: https:/ /review. openstack. org/649376 /git.openstack. org/cgit/ openstack/ keystone/ commit/ ?id=b5af5c9009e 19b40fce8496f77 7c665f8fa3c644
Committed: https:/
Submitter: Zuul
Branch: stable/rocky
commit b5af5c9009e19b4 0fce8496f777c66 5f8fa3c644
Author: Colleen Murphy <email address hidden>
Date: Mon Mar 25 15:50:26 2019 +0100
Delete shadow users when domain is deleted
Without this change, when an admin tries to delete an LDAP-backed
domain, it fails due to the foreign key relationship in the users table.
Previously, we were assuming that LDAP users existed solely in the LDAP
directory, but this is not true with shadow users. This patch fixes the
logic to delete the shadow users upon domain deletion.
Change-Id: I12a08001e3aa08 e4db9438cae425a d1a0a8070f7 833ca74656c0c3d fe5f815e98)
Closes-bug: #1801873
(cherry picked from commit 1b16725d066f71a