Comment 0 for bug 1603254

OSAD sets up keystone[1] with the following configuration stanza:

[resource]
cache_time = 3600
caching = true
driver = sql

In devstack, additional configuration directives are included to allow for delegation of trusts form the admin project/domain:

admin_project_name = admin
admin_project_domain_name = default

This is what the stanza looks like in devstack:

[resource]
admin_project_name = admin
admin_project_domain_name = default
driver = sql

Please add the missing configuration directives to allow for advanced trust delegation, like Magnum uses.

[1] https://github.com/openstack/keystone/blob/07981bddaf2630922ce3811c999d30b74dadc294/keystone/token/providers/common.py#L269-L285