There are two issues with the TenantAPI for the ldap Identity.
There is a mistaken attribute_mapping entry, which was mapping
'description' into 'desc'. Per RFC 2256 there should be no need to map
this as the attribute as it is already 'description' in the LDAP
schema. I am not aware of any other schema that would use 'desc'
attribute for a 'groupOfNames' object.
Since there is no support (yet) for users, tenants or roles to be
enabled/disabled there needs to be a attribute_ignore set for the
'enabled' attribute.
Reviewed: https:/ /review. openstack. org/12752 github. com/openstack/ keystone/ commit/ 2c29d4ca4bd8418 23aa57e0cea7e97 d5c2854581
Committed: http://
Submitter: Jenkins
Branch: master
commit 2c29d4ca4bd8418 23aa57e0cea7e97 d5c2854581
Author: Derek Yarnell <email address hidden>
Date: Mon Sep 10 20:52:14 2012 -0400
LDAP backend attribute fixes
R Boden and Adam Young assissted on this patch.
There are two issues with the TenantAPI for the ldap Identity.
There is a mistaken attribute_mapping entry, which was mapping
'description' into 'desc'. Per RFC 2256 there should be no need to map
this as the attribute as it is already 'description' in the LDAP
schema. I am not aware of any other schema that would use 'desc'
attribute for a 'groupOfNames' object.
Since there is no support (yet) for users, tenants or roles to be disabled there needs to be a attribute_ignore set for the
enabled/
'enabled' attribute.
Bug 980085
Change-Id: I40afa7a1345c45 c119e699bf4fd4c 99652f66c2f