Federation domain not configured correctly
Affects | Status | Importance | Assigned to | Milestone
---|---|---|---|---
OpenStack-Ansible | New | Undecided | Unassigned |
Bug Description
The OpenStack domain is not configured properly when it's defined:
federated_
  - domain: default
    group: wayf
    project: wayf
    role: _member_
The task configuring it takes the wrong parameter, domain_id, instead of the configured domain:
- name: Ensure external IDP
  keystone:
    command: ensure_
    idp_name: "{{ item.name }}"
    login_user: "{{ keystone_
    endpoint: "{{ keystone_
    insecure: "{{ keystone_
  when: item.name is defined
  with_items: "{{ keystone_
This results in a newly created random domain for the Federation provider, even though it's configured to default.
Federation config example: http://
I am sorry, but I'm kind of confused! More info might be needed.
So from my understanding federated_identities gives you a chance to create any groups/projects/roles you may want in place to map federated users to in your protocol rules.
The section of code you've given 'Ensure external IDP' does not look at data specified in the federated_identities. See https://github.com/openstack/openstack-ansible-os_keystone/blob/ec22a56cea700390c7dd2cf44b4be9f9220dc078/library/keystone_sp#L77.
I am thinking that you might be actually having issues with the domain_id specified here:
keystone_sp:
  ...
  name: WAYF
  domain_id: default
  protocols:
    ...
Where are you seeing the randomly generated domain more specifically?
If you are using the CLI can you specify the command please.