diff options
| author | Adam Young <ayoung@redhat.com> | 2012-07-26 15:30:39 -0400 |
|---|---|---|
| committer | annegentle <anne@openstack.org> | 2012-08-07 14:40:20 -0500 |
| commit | 4f3dcb6c9b23867e6049f24c851b12904aee3b76 (patch) | |
| tree | 052bbe10f132187d06fe26e8c943b0f30f905165 /doc | |
| parent | be073f09d7b9289cb6b555696e25ce7f8b2f5a6e (diff) | |
| download | keystone-4f3dcb6c9b23867e6049f24c851b12904aee3b76.tar.gz keystone-4f3dcb6c9b23867e6049f24c851b12904aee3b76.tar.xz keystone-4f3dcb6c9b23867e6049f24c851b12904aee3b76.zip | |
Allow overloading of username and tenant name in the config files.
Includes documentation and sample config file values.
Bug 997700
Patchset adds DocImpact flag for notifying doc team about these new
config file values.
Change-Id: Ibd3fade3f233a3b89a1c2feaa0a6b5a9569ad86c
Diffstat (limited to 'doc')
| -rw-r--r-- | doc/source/configuration.rst | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/doc/source/configuration.rst b/doc/source/configuration.rst index f765b767..917e8659 100644 --- a/doc/source/configuration.rst +++ b/doc/source/configuration.rst @@ -805,3 +805,16 @@ The corresponding entries in the Keystone configuration file are:: suffix = dc=openstack,dc=org user = dc=Manager,dc=openstack,dc=org password = badpassword + +The default object classes and attributes are intentionally simplistic. They +reflect the common standard objects according to the LDAP RFCs. However, +in a live deployment, the correct attributes can be overridden to support a +preexisting, more complex schema. For example, in the user object, the +objectClass posixAccount from RFC2307 is very common. If this is the +underlying objectclass, then the *uid* field should probably be *uidNumber* and +*username* field either *uid* or *cn*. To change these two fields, the +corresponding entries in the Keystone configuration file are:: + + [ldap] + user_id_attribute = uidNumber + user_name_attribute = cn |