Fixes project and role checking when a user's naming attribute is not uid.

author: Ryan Lane <rlane@wikimedia.org> 2011-01-25 19:17:01 +0000
committer: Tarmac <> 2011-01-25 19:17:01 +0000
commit: b2d0a77c53d1bd108d233e58f68655381cec4e16 (patch)
tree: 9e4c224d36a054136d3a7ec18d0f66da52e05551 /nova/auth
parent: 01e674ac0128e358d9a8c7dbd592c2fc18146dfe (diff)
parent: 9ab4670464e65aaa10f1e032adda2c39b7ca1981 (diff)
download: nova-b2d0a77c53d1bd108d233e58f68655381cec4e16.tar.gz
nova-b2d0a77c53d1bd108d233e58f68655381cec4e16.tar.xz
nova-b2d0a77c53d1bd108d233e58f68655381cec4e16.zip
1 files changed, 4 insertions, 3 deletions
diff --git a/nova/auth/ldapdriver.py b/nova/auth/ldapdriver.py
index 342fa40ac..e652f1caa 100644
--- a/nova/auth/ldapdriver.py
+++ b/nova/auth/ldapdriver.py
@@ -585,10 +585,11 @@ class LdapDriver(object):
         else:
             return None
 
-    @staticmethod
-    def __dn_to_uid(dn):
+    def __dn_to_uid(self, dn):
         """Convert user dn to uid"""
-        return dn.split(',')[0].split('=')[1]
+        query = '(objectclass=novaUser)'
+        user = self.__find_object(dn, query)
+        return user[FLAGS.ldap_user_id_attribute][0]
 
 
 class FakeLdapDriver(LdapDriver):
author	Ryan Lane <rlane@wikimedia.org>	2011-01-25 19:17:01 +0000
committer	Tarmac <>	2011-01-25 19:17:01 +0000
commit	b2d0a77c53d1bd108d233e58f68655381cec4e16 (patch)
tree	9e4c224d36a054136d3a7ec18d0f66da52e05551 /nova/auth
parent	01e674ac0128e358d9a8c7dbd592c2fc18146dfe (diff)
parent	9ab4670464e65aaa10f1e032adda2c39b7ca1981 (diff)
download	nova-b2d0a77c53d1bd108d233e58f68655381cec4e16.tar.gz nova-b2d0a77c53d1bd108d233e58f68655381cec4e16.tar.xz nova-b2d0a77c53d1bd108d233e58f68655381cec4e16.zip