Re: [Openstack] FreeIPA LDAP + Keystone question: How to assign roles to user?

2012-09-25 Thread
Thanks. Adam. I saw in your blog "Keystone Roles are not yet implemented." In order to make OpenStack work, it seems I have to assign "admin" role to some users On Sep 25, 2012, at 11:01 PM, Adam Young wrote: > On 09/24/2012 10:45 PM, 邱剑 wrote: >> >> Thank

Re: [Openstack] FreeIPA LDAP + Keystone question: How to assign roles to user?

2012-09-24 Thread
Thanks. Adam. Is there any way to configure FreeIPA LDAP to have this structure? Many thanks. On Sep 24, 2012, at 11:10 PM, Adam Young wrote: > Role is grouped in the collection under the Tenant, with the userid in the > members attribute for that role. > > > > On 09/24

Re: [Openstack] FreeIPA LDAP + Keystone question: How to assign roles to user?

2012-09-24 Thread
ng this configuration, can we log in through dashboard? If I want to > implement that, is there any other configuration I have to do? > > 2012/9/24 邱剑 > BTW, here is my configuration: > > [ldap] > url = ldap://10.64.11.199 > tree_dn = cn=accounts,dc=mydomain,dc=

Re: [Openstack] FreeIPA LDAP + Keystone question: How to assign roles to user?

2012-09-23 Thread
=sysaccounts,cn=etc,dc=mydomain,dc=com password = mysudopassword suffix = cn=mydomain,cn=com [identity] driver = keystone.identity.backends.ldap.Identity It seems that keystone LDAP requires role nodes the children of tenant nodes. But FreeIPA has a flat structure. -- 邱剑 美团网技术部系统运维组 - 系统工程师 手机

[Openstack] FreeIPA LDAP + Keystone question: How to assign roles to user?

2012-09-21 Thread
Hi, I was working on using LDAP of FreeIP as backend of Keystone. User and tenants information can be fetched from LDAP. However, I could not figure out how to assign roles to users in specific tenants. I'm wondering whether someone can help? I noticed that Mr. Adam Young had post a blog abou