[openstack-dev] [Keystone] Keystone multi-domain ldap + sql in Icehouse
Dear All, We are using LDAP as identity back end and SQL as assignment back end. Now I am trying to evaluate Keystone multi-domain support with LDAP (identity) + SQL (assignment) Does any one managed to setup LDAP/SQL multi-domain environment in Havana/Icehouse? Does keystone have suggested LDAP DIT for domains? I gone through the below thread [1] and [2], it seems Keystone multi-domain with LDAP+SQL is not ready in Icehouse. Hope some one will help. Thanks for your time. [1]http://www.gossamer-threads.com/lists/openstack/dev/37705 [2]http://lists.openstack.org/pipermail/openstack/2014-January/004900.html ___ OpenStack-dev mailing list OpenStack-dev@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
Re: [openstack-dev] [Keystone] Keystone multi-domain ldap + sql in Icehouse
Hi So the bad news is that you are correct, multi-domain LDAP is not ready in IceHouse (It is marked as experimental.and it has serious flaws). The good news is that this is fixed for Juno - and this support has already been merged - and will be in the Juno milestone 2 release. Here's the spec that describes the work done: https://github.com/openstack/keystone-specs/blob/master/specs/juno/multi-backend-uuids.rst This support uses the domain-specifc config files approach that is already in IceHouse - so the way you define the LDAP parameters for each domain does not change. Henry On 17 Jul 2014, at 10:52, foss geek thefossg...@gmail.com wrote: Dear All, We are using LDAP as identity back end and SQL as assignment back end. Now I am trying to evaluate Keystone multi-domain support with LDAP (identity) + SQL (assignment) Does any one managed to setup LDAP/SQL multi-domain environment in Havana/Icehouse? Does keystone have suggested LDAP DIT for domains? I gone through the below thread [1] and [2], it seems Keystone multi-domain with LDAP+SQL is not ready in Icehouse. Hope some one will help. Thanks for your time. [1]http://www.gossamer-threads.com/lists/openstack/dev/37705 [2]http://lists.openstack.org/pipermail/openstack/2014-January/004900.html ___ OpenStack-dev mailing list OpenStack-dev@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev ___ OpenStack-dev mailing list OpenStack-dev@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
Re: [openstack-dev] [Keystone] Keystone multi-domain ldap + sql in Icehouse
Hi Henry, Thanks for the update. I will wait for Juno. Thanks for your time. On Thu, Jul 17, 2014 at 3:50 PM, Henry Nash hen...@linux.vnet.ibm.com wrote: Hi So the bad news is that you are correct, multi-domain LDAP is not ready in IceHouse (It is marked as experimental.and it has serious flaws). The good news is that this is fixed for Juno - and this support has already been merged - and will be in the Juno milestone 2 release. Here's the spec that describes the work done: https://github.com/openstack/keystone-specs/blob/master/specs/juno/multi-backend-uuids.rst This support uses the domain-specifc config files approach that is already in IceHouse - so the way you define the LDAP parameters for each domain does not change. Henry On 17 Jul 2014, at 10:52, foss geek thefossg...@gmail.com wrote: Dear All, We are using LDAP as identity back end and SQL as assignment back end. Now I am trying to evaluate Keystone multi-domain support with LDAP (identity) + SQL (assignment) Does any one managed to setup LDAP/SQL multi-domain environment in Havana/Icehouse? Does keystone have suggested LDAP DIT for domains? I gone through the below thread [1] and [2], it seems Keystone multi-domain with LDAP+SQL is not ready in Icehouse. Hope some one will help. Thanks for your time. [1]http://www.gossamer-threads.com/lists/openstack/dev/37705 [2]http://lists.openstack.org/pipermail/openstack/2014-January/004900.html ___ OpenStack-dev mailing list OpenStack-dev@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev ___ OpenStack-dev mailing list OpenStack-dev@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev ___ OpenStack-dev mailing list OpenStack-dev@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
