From 96dea469c9de72a9ef6ee0c03833c4f3ff2f9f8f Mon Sep 17 00:00:00 2001
From: Sahdev Zala <spzala@us.ibm.com>
Date: Mon, 17 Jun 2013 15:18:44 -0500
Subject: Set default 'ou' name for LDAP projects to Projects

The default ou name for projects/tenants should be Projects, as we normally
use in devstack and ldap live test. Since multiple LDAP objects can
use groupOfNames, setting projects group to Groups is vague.

Fixes Bug1191807

Change-Id: I1718c76320da51a58abf6558a9b8560e908773cb
---
 doc/source/configuration.rst            | 4 ++--
 etc/keystone.conf.sample                | 2 +-
 keystone/identity/backends/ldap/core.py | 2 +-
 3 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/doc/source/configuration.rst b/doc/source/configuration.rst
index 2181be8b..03fa1d63 100644
--- a/doc/source/configuration.rst
+++ b/doc/source/configuration.rst
@@ -1008,7 +1008,7 @@ for openstack would look like this::
   objectClass: organizationalUnit
   ou: openstack
 
-  dn: ou=Groups,dc=openstack,dc=org
+  dn: ou=Projects,dc=openstack,dc=org
   objectClass: top
   objectClass: organizationalUnit
   ou: groups
@@ -1036,7 +1036,7 @@ The corresponding entries in the Keystone configuration file are::
   user_tree_dn = ou=Users,dc=openstack,dc=org
   user_objectclass = inetOrgPerson
 
-  tenant_tree_dn = ou=Groups,dc=openstack,dc=org
+  tenant_tree_dn = ou=Projects,dc=openstack,dc=org
   tenant_objectclass = groupOfNames
 
   role_tree_dn = ou=Roles,dc=openstack,dc=org
diff --git a/etc/keystone.conf.sample b/etc/keystone.conf.sample
index 08154124..9a36316d 100644
--- a/etc/keystone.conf.sample
+++ b/etc/keystone.conf.sample
@@ -192,7 +192,7 @@
 # user_enabled_emulation = False
 # user_enabled_emulation_dn =
 
-# tenant_tree_dn = ou=Groups,dc=example,dc=com
+# tenant_tree_dn = ou=Projects,dc=example,dc=com
 # tenant_filter =
 # tenant_objectclass = groupOfNames
 # tenant_domain_id_attribute = businessCategory
diff --git a/keystone/identity/backends/ldap/core.py b/keystone/identity/backends/ldap/core.py
index 07cd83b6..d2f05266 100644
--- a/keystone/identity/backends/ldap/core.py
+++ b/keystone/identity/backends/ldap/core.py
@@ -498,7 +498,7 @@ class UserApi(common_ldap.EnabledEmuMixIn, common_ldap.BaseLdap, ApiShimMixin):
 # TODO(termie): turn this into a data object and move logic to driver
 class ProjectApi(common_ldap.EnabledEmuMixIn, common_ldap.BaseLdap,
                  ApiShimMixin):
-    DEFAULT_OU = 'ou=Groups'
+    DEFAULT_OU = 'ou=Projects'
     DEFAULT_STRUCTURAL_CLASSES = []
     DEFAULT_OBJECTCLASS = 'groupOfNames'
     DEFAULT_ID_ATTR = 'cn'
-- 
cgit