Ask Your Question

Default role for a tenant in keystone

asked 2014-09-17 05:48:07 -0500

anonymous user


I am using keystone with AD as a backend for identification and I need to keep assignment local, so I set the [assignment] section accordingly.

Now, I would like to assign a default role for a specific tenant to all users. Is that possible? Or do I need to authorise each user?


edit retag flag offensive close merge delete



As far as I know there will not be any role associated to user by default. After fetching the user authentication details from LDAP, we need to associate user with a role.

sushma-korati gravatar imagesushma-korati ( 2014-09-17 07:50:04 -0500 )edit

1 answer

Sort by ยป oldest newest most voted

answered 2014-09-17 08:40:33 -0500

Davide Guerri gravatar image

updated 2014-09-17 11:09:34 -0500

It seems you are right. There is no way to do that in the vanilla keystone. I have found an interesting plugin here: ( that does exactly what I need. Specifically, I have used the assignment backend to give a default role to every user in a specific project.

edit flag offensive delete link more

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower


Asked: 2014-09-17 05:48:07 -0500

Seen: 153 times

Last updated: Sep 17 '14