Document the LDAP Identity Driver
Bug #949521 reported by
Adam Young
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Identity (keystone) |
Fix Released
|
Critical
|
Adam Young |
Bug Description
Document how to set up Keystone to use the LDAP identity provider
Changed in keystone: | |
status: | New → Confirmed |
importance: | Undecided → Critical |
milestone: | none → essex-rc1 |
description: | updated |
Changed in keystone: | |
status: | Confirmed → In Progress |
Changed in keystone: | |
status: | Fix Committed → Fix Released |
Changed in keystone: | |
milestone: | essex-rc1 → 2012.1 |
To post a comment you must log in.
Configuring the LDAP Identity Provider ======= ======= ======= ======= ======= ======= ======= ===
=======
Keystone can Use a Directory server to provide the Identity service. An example Schema
for openstack would look like this::
dn: cn=openstack,cn=org
dc: openstack
objectClass: dcObject
objectClass: organizationalUnit
ou: openstack
dn: ou=Groups, cn=openstack, cn=org
objectClass: top
objectClass: organizationalUnit
ou: groups
dn: ou=Users, cn=openstack, cn=org
objectClass: top
objectClass: organizationalUnit
ou: users
dn: ou=Roles, cn=openstack, cn=org
objectClass: top
objectClass: organizationalUnit
ou: users
The corresponding entries in the configuration file are::
[ldap] dc=openstack, dc=org
url = ldap://localhost
suffix = dc=openstack,dc=org
user = dc=Manager,
password = badpassword