Ask Your Question
0

Is seperate role authorization and user auth possible with multi domain backend?

asked 2015-01-21 07:58:13 -0500

zsolt-krenak gravatar image

Hi Everyone!

Since the Juno release Keystone is able to use multi domain identity backend: http://docs.openstack.org/developer/k...

Is it possible to setup an LDAP backend for normal user authentication, the SQL backend for service user auth(not just for openstack service users but like for Cloudfy or BOSH etc..), and use the SQL backend for role authoriztaion for both domains?

The only thing is making me unsure about this, is that the docmentation says there can be only one domain with sql backend, and multiple domain with multiple ldap backends.

Thanks for any help!

edit retag flag offensive close merge delete

1 answer

Sort by ยป oldest newest most voted
1

answered 2015-01-21 11:25:13 -0500

updated 2015-01-21 12:06:01 -0500

Yes. That is possible

Update 1: There is no trick. Just make sure you use LDAP only for identity and not for assignment driver

edit flag offensive delete link more

Comments

Thanks! Is there any special trick about it?

zsolt-krenak gravatar imagezsolt-krenak ( 2015-01-21 11:45:18 -0500 )edit

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

Stats

Asked: 2015-01-21 07:58:13 -0500

Seen: 158 times

Last updated: Jan 21 '15