I second this request - I'm also extremely interested in plugging keystone into an existing LDAP DIT.  I was hoping that I could use pre-existing accounts in LDAP and maybe just add some attributes or something along those lines for roles, tenants, etc...

Is that how it works?

On May 15, 2014, at 6:54 AM, "Devine, Patrick D." <PATRICK.D.DEVINE@leidos.com> wrote:

All,

I have deployed the Havana version of Openstack via Foreman. However now I want to switch Keystone to utilize my LDAP server for authentication vs MySQL. I have followed the instructions for configuring the keystone.conf to point at my server but I haven't seen any documentation on how the LDAP should be populated. For example do I have to re-create all the user accounts for each openstack module? I get that I need to have a people, role, and project set up but there is nothing about what users are needed, how they relate to the project and roles.

Has anyone got their Openstack working with LDAP and if so what does you ldap look like?

Thanks
-- 
Patrick Devine | Leidos

Software Integration Engineer | Command and Intelligence Support Operation

mobile: 443-562-0668 | office: 443-574-4266 | email: Patrick.D.Devine@Leidos.com

Please consider the environment before printing this email.
_______________________________________________
Rdo-list mailing list
Rdo-list@redhat.com
https://www.redhat.com/mailman/listinfo/rdo-list