<div dir="ltr">Hi Henry,<div><br></div><div>Thanks for the update. I will wait for Juno. </div><div><br></div><div>Thanks for your time.</div><div><br></div></div><div class="gmail_extra"><br><br><div class="gmail_quote">On Thu, Jul 17, 2014 at 3:50 PM, Henry Nash <span dir="ltr"><<a href="mailto:henryn@linux.vnet.ibm.com" target="_blank">henryn@linux.vnet.ibm.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div style="word-wrap:break-word">Hi<div><br></div><div>So the bad news is that you are correct, multi-domain LDAP is not ready in IceHouse (It is marked as experimental.....and it has serious flaws). The good news is that this is fixed for Juno - and this support has already been merged - and will be in the Juno milestone 2 release. Here's the spec that describes the work done:</div>
<div><br></div><div><a href="https://github.com/openstack/keystone-specs/blob/master/specs/juno/multi-backend-uuids.rst" target="_blank">https://github.com/openstack/keystone-specs/blob/master/specs/juno/multi-backend-uuids.rst</a></div>
<div><br></div><div>This support uses the domain-specifc config files approach that is already in IceHouse - so the way you define the LDAP parameters for each domain does not change.</div><div><br></div><div>Henry</div><div>
<div><div><div class="h5"><div>On 17 Jul 2014, at 10:52, foss geek <<a href="mailto:thefossgeek@gmail.com" target="_blank">thefossgeek@gmail.com</a>> wrote:</div><br></div></div><blockquote type="cite"><div><div class="h5">
<div dir="ltr">Dear All,<div><br></div><div><div>We are using LDAP as identity back end and SQL as assignment back end.</div><div><br></div><div>Now I am trying to evaluate Keystone multi-domain support with LDAP (identity) + SQL (assignment)</div>
<div><br></div><div>Does any one managed to setup LDAP/SQL multi-domain environment in Havana/Icehouse?</div><div><br></div><div>Does keystone have suggested LDAP DIT for domains?<br></div></div><div><br></div><div>I gone through the below thread [1] and [2], it seems Keystone multi-domain with LDAP+SQL is not ready in Icehouse. </div>
<div><br></div><div>Hope some one will help.</div><div><br></div><div>Thanks for your time. </div><div><br></div><div>[1]<a href="http://www.gossamer-threads.com/lists/openstack/dev/37705" target="_blank">http://www.gossamer-threads.com/lists/openstack/dev/37705</a><br>
</div><div><br></div><div>[2]<a href="http://lists.openstack.org/pipermail/openstack/2014-January/004900.html" target="_blank">http://lists.openstack.org/pipermail/openstack/2014-January/004900.html</a><br></div><div><br>
</div><div><br></div>
</div></div></div>
_______________________________________________<br>OpenStack-dev mailing list<br><a href="mailto:OpenStack-dev@lists.openstack.org" target="_blank">OpenStack-dev@lists.openstack.org</a><br><a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev" target="_blank">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev</a><br>
</blockquote></div><br></div></div><br>_______________________________________________<br>
OpenStack-dev mailing list<br>
<a href="mailto:OpenStack-dev@lists.openstack.org">OpenStack-dev@lists.openstack.org</a><br>
<a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev" target="_blank">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev</a><br>
<br></blockquote></div><br></div>