Ask Your Question

Revision history [back]

click to hide/show revision 1
initial version

After much fun of configuring and rebuilding of devstack many times, I found that a ldap backend configuation is not easy as the localhost mySQL. All examples I found were of users who were connecting to a localhost. I have an enterprise AD LDAP that I must connect to. I did bring up the standard configuration (http://docs.openstack.org/icehouse/install-guide/install/apt/content/keystone-install.html) and found that keystone logs are active and recording data for keystone. Because one needs the keystone logs to verify the existence of a bind success and session to the LDAP or AD backend, I am asking to close this and move on to gathering keystone log information to the testing of keystone LDAP AD server. Will open others as needed.

After much fun of configuring posting a solution this worked placing a project/userid in the local sql and rebuilding of devstack many times, I found that a ldap backend configuation is not easy as the localhost mySQL. All examples I found were of users who were connecting to a localhost. I have an enterprise AD LDAP that I must connect to. I did bring up the standard configuration (http://docs.openstack.org/icehouse/install-guide/install/apt/content/keystone-install.html) and found that keystone logs are active and recording data for keystone. Because one needs the keystone logs to verify the existence of a bind success and session to accessing the LDAP or AD backend, I am asking to close this and move on to gathering keystone log information to server (Active Directory) for user level authentication. The OU is fixed, ie:hardcoded, that is the testing of keystone LDAP AD server. Will open others as needed.discovered caveat.

hybrid SQL and LDAP backends for OpenStack Keystone For havana release but upgraded to idehouse

ttps://github.com/SUSE-Cloud/keystone-hybrid-backend

02jul14

posting a solution this worked placing a a project/userid in the local sql sql and accessing the LDAP server (Active Directory) for user user level authentication. The OU is is fixed, ie:hardcoded, that is the discovered caveat.

hybrid SQL and LDAP backends for OpenStack Keystone For havana release but upgraded to idehouseicehouse

ttps://github.com/SUSE-Cloud/keystone-hybrid-backend

https://github.com/matthewfischer/keystone-hybrid-backend/tree/icehouse-packaging

02jul14posting a solution:

posting a solution this worked placing a project/userid in the local sql and accessing the LDAP server (Active Directory) for user level authentication. The OU is fixed, ie:hardcoded, that is the discovered caveat.

hybrid SQL and LDAP backends for OpenStack Keystone For havana release but upgraded to icehouse

https://github.com/matthewfischer/keystone-hybrid-backend/tree/icehouse-packaging