What are you going to use LDAP for? Identity/Assignment/both? Do you have unfettered write access into your LDAP?
We use a hybrid driver that will auth against mySQL and LDAP so we can setup service accounts (like nova, neutron, etc). AFAIK LDAP Assignment is being deprecated because nobody uses it. On 3/2/15, 8:36 AM, "Caius Howcroft" <caius.howcr...@gmail.com> wrote: >Hi, > >We are in the process of migrating off MySQL backend for keystone and >into LDAP. Just wondering if anyone ad any experience with this? I'm >going to have to keep all the id's the same (or else go in and change >project ids etc in things like cinder db). Looks like keystone API >doesn't allow me to force a uuid at creation time for projects, roles >and users. I can go in and create the projects etc in a python script >directly, but thats a bit messy. > >Just wondered if anyone had a done this and had a neater solution? > >Caius >-- > >_______________________________________________ >OpenStack-operators mailing list >OpenStack-operators@lists.openstack.org >http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators This E-mail and any of its attachments may contain Time Warner Cable proprietary information, which is privileged, confidential, or subject to copyright belonging to Time Warner Cable. This E-mail is intended solely for the use of the individual or entity to which it is addressed. If you are not the intended recipient of this E-mail, you are hereby notified that any dissemination, distribution, copying, or action taken in relation to the contents of and attachments to this E-mail is strictly prohibited and may be unlawful. If you have received this E-mail in error, please notify the sender immediately and permanently delete the original and any copy of this E-mail and any printout. _______________________________________________ OpenStack-operators mailing list OpenStack-operators@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators