[Openstack] [OpenStack][Keystone][LDAP] Does LDAP driver support for validating subtree user?

Kuo Hugo Tue, 22 May 2012 04:15:32 -0700

Hi Folks ,

I have try with keystone backend by LDAP and Windows AD.


It looks fine . Just want to clarify one point.

For my test result , LDAP driver could only validate users in the
particular container (OU,CN etc.)  and does not include the subtree users.

[ldap]
tree_dn = dc=taiwan,dc=com
user_tree_dn = ou=foo,dc=taiwan,dc=com


For example ....
                User1 :  cn=jeremy,ou=foo,dc=taiwan,dc=com

                User2 :  cn=jordan,ou=bar,ou=foo,dc=taiwan,dc=com

User1 could be validated , and get the token generated by keystone.
User2 could not be validated


Is there any way to validate both User1 and User2  in current design ?


-- 
+Hugo Kuo+
tonyt...@gmail.com
+ <tonyt...@gmail.com>886 935004793

_______________________________________________
Mailing list: https://launchpad.net/~openstack
Post to     : openstack@lists.launchpad.net
Unsubscribe : https://launchpad.net/~openstack
More help   : https://help.launchpad.net/ListHelp

[Openstack] [OpenStack][Keystone][LDAP] Does LDAP driver support for validating subtree user?

Reply via email to