It would be nice to have a generic mapping table that can be specified in the config. Since LDAP is fairly malleable and users can create their own schema there is a good chance that people want to use non-standard attributes for various fields with keystone. Also, having a generic mapping table would make it easier for people who are interested in using other ldap servers (such as Active Directory) as a backend.
From my (perhaps limited) experience, the defaults you want for a Unix style environment are: uid, cn, posixAccount
It would be nice to have a generic mapping table that can be specified in the config. Since LDAP is fairly malleable and users can create their own schema there is a good chance that people want to use non-standard attributes for various fields with keystone. Also, having a generic mapping table would make it easier for people who are interested in using other ldap servers (such as Active Directory) as a backend.
From my (perhaps limited) experience, the defaults you want for a Unix style environment are: uid, cn, posixAccount
posixAccount requires cn and uid:
https:/ /www.google. com/search? q=posixaccount+ schema
However, it's possible that people want to use other attributes (again, AD as a prime example)