Thanks qiujian! By using this configuration, can we log in through dashboard? If I want to implement that, is there any other configuration I have to do?
2012/9/24 邱剑 <qiuj...@meituan.com> > BTW, here is my configuration: > > [ldap] > url = ldap://10.64.11.199 > tree_dn = cn=accounts,dc=mydomain,dc=com > user_tree_dn = cn=users,cn=accounts,dc=mydomain,dc=com > user_objectclass = person > user_name_attribute = uid > user_id_attribute = uid > tenant_tree_dn = cn=groups,cn=accounts,dc=mydomain,dc=com > tenant_objectclass = posixgroup > tenant_id_attribute = cn > tenant_name_attribute = cn > tenant_member_attribute = member > role_tree_dn = cn=groups,cn=accounts,dc=mydomain,dc=com > role_objectclass = posixgroup > role_id_attribute = cn > role_name_attribute = cn > role_member_attribute = member > user = uid=sudo,cn=sysaccounts,cn=etc,dc=mydomain,dc=com > password = mysudopassword > suffix = cn=mydomain,cn=com > > > [identity] > driver = keystone.identity.backends.ldap.Identity > > It seems that keystone LDAP requires role nodes the children of tenant > nodes. But FreeIPA has a flat structure. > > -- > 邱剑 > 美团网技术部系统运维组 - 系统工程师 > 手机:1381129925 > 邮件:qiuj...@meituan.com > > On Sep 22, 2012, at 12:27 PM, 邱剑 wrote: > > Hi, > > I was working on using LDAP of FreeIP as backend of Keystone. > > User and tenants information can be fetched from LDAP. However, I could > not figure out how to assign roles to users in specific tenants. I'm > wondering whether someone can help? > > I noticed that Mr. Adam Young had post a blog about this topic: > > http://adam.younglogic.com/2012/09/ldaps-against-a-freeipa-server/ > > However, it did not show how to import roles in LDAP. I'm wondering > whether there is any progress about this? > > Many thanks. > > keystone in use was the latest master branch on github on Sep 21, 2012. > > > Jian Qiu > _______________________________________________ > Mailing list: https://launchpad.net/~openstack > Post to : openstack@lists.launchpad.net > Unsubscribe : https://launchpad.net/~openstack > More help : https://help.launchpad.net/ListHelp > > > > _______________________________________________ > Mailing list: https://launchpad.net/~openstack > Post to : openstack@lists.launchpad.net > Unsubscribe : https://launchpad.net/~openstack > More help : https://help.launchpad.net/ListHelp > > -- Huang Shuquan (黄舒泉) Software Institute of Nanjing University Nanjing, P.R.China Mobile: 86 137 7086 4433
_______________________________________________ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
