On 29/01/15 12:03, Steven Hardy wrote:
On Thu, Jan 29, 2015 at 11:41:36AM -0500, Zane Bitter wrote:
>IIUC keystone now allows you to add users to a domain that is otherwise
>backed by a read-only backend (i.e. LDAP). If this means that it's now
>possible to configure a cloud so that one need not be an admin to create
>users then I think it would be a really useful thing to expose in Heat. Does
>anyone know if that's the case?
I've not heard of that feature, but it's definitely now possible to
configure per-domain backends, so for example you could have the "heat"
domain backed by SQL and other domains containing real human users backed
by a read-only directory.
OpenStack Development Mailing List (not for usage questions)