Support for LDAP groups (bug #1092187)

Also covers Domain CRUD.

Fixes Bug #1092187

Change-Id: If2266ed382edfedfad3eef450ce58640ca4b4657

1 files changed, 15 insertions, 1 deletions

diff --git a/keystone/config.py b/keystone/config.py
index 8f4ac16a..c1706a46 100644
--- a/keystone/config.py
+++ b/keystone/config.py
@@ -310,12 +310,26 @@ register_str('group_id_attribute', group='ldap', default='cn')
 register_str('group_name_attribute', group='ldap', default='ou')
 register_str('group_member_attribute', group='ldap', default='member')
 register_str('group_desc_attribute', group='ldap', default='description')
-register_str('group_domain_id_attribute', group='ldap', default='domain_id')
+register_str('group_domain_id_attribute', group='ldap',
+             default='businessCategory')
 register_list('group_attribute_ignore', group='ldap', default='')
 register_bool('group_allow_create', group='ldap', default=True)
 register_bool('group_allow_update', group='ldap', default=True)
 register_bool('group_allow_delete', group='ldap', default=True)
 
+register_str('domain_tree_dn', group='ldap', default=None)
+register_str('domain_filter', group='ldap', default=None)
+register_str('domain_objectclass', group='ldap', default='groupOfNames')
+register_str('domain_id_attribute', group='ldap', default='cn')
+register_str('domain_name_attribute', group='ldap', default='ou')
+register_str('domain_member_attribute', group='ldap', default='member')
+register_str('domain_desc_attribute', group='ldap', default='description')
+register_str('domain_enabled_attribute', group='ldap', default='enabled')
+register_list('domain_attribute_ignore', group='ldap', default='')
+register_bool('domain_allow_create', group='ldap', default=True)
+register_bool('domain_allow_update', group='ldap', default=True)
+register_bool('domain_allow_delete', group='ldap', default=True)
+
 # pam
 register_str('url', group='pam', default=None)
 register_str('userid', group='pam', default=None)