<html>
<head>
<meta content="text/html; charset=windows-1252"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<div class="moz-cite-prefix">On 08/04/2016 07:11 AM, Prakash Kanthi
wrote:<br>
</div>
<blockquote
cite="mid:630852352.9230123.1470309100019.JavaMail.yahoo@mail.yahoo.com"
type="cite">
<div style="color:#000; background-color:#fff;
font-family:verdana, helvetica, sans-serif;font-size:13px">
<div id="yui_3_16_0_ym19_1_1470308786992_4888">Hello,</div>
<div id="yui_3_16_0_ym19_1_1470308786992_4888"><br>
</div>
<div id="yui_3_16_0_ym19_1_1470308786992_4888"><br>
</div>
<div id="yui_3_16_0_ym19_1_1470308786992_4888" dir="ltr">Is
there a easy way to enable Multi-Domain support in Mitaka, so
that I can create domains from default 'admin' account?</div>
<div id="yui_3_16_0_ym19_1_1470308786992_4888" dir="ltr"><br>
</div>
<div id="yui_3_16_0_ym19_1_1470308786992_4888" dir="ltr">I
already have following config in
/etc/openstack-dashboard/local_settings file. This allows me
to enter domain during login but does not allow me to create
'domains'.</div>
<div id="yui_3_16_0_ym19_1_1470308786992_4888" dir="ltr"><br>
</div>
<div id="yui_3_16_0_ym19_1_1470308786992_4888" dir="ltr">OPENSTACK_KEYSTONE_URL
= <a class="moz-txt-link-rfc2396E" href="http://%s:5000/v3">"http://%s:5000/v3"</a><br>
</div>
<div dir="ltr" id="yui_3_16_0_ym19_1_1470308786992_5011">OPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT
= True</div>
<div dir="ltr" id="yui_3_16_0_ym19_1_1470308786992_5012">OPENSTACK_KEYSTONE_DEFAULT_DOMAIN
= 'default'<br>
</div>
<div dir="ltr" id="yui_3_16_0_ym19_1_1470308786992_5019">
<div dir="ltr" id="yui_3_16_0_ym19_1_1470308786992_5059">CACHES
= {</div>
<div dir="ltr" id="yui_3_16_0_ym19_1_1470308786992_5060">
'default': {</div>
<div dir="ltr" id="yui_3_16_0_ym19_1_1470308786992_5061">
'BACKEND':
'django.core.cache.backends.memcached.MemcachedCache',</div>
<div dir="ltr" id="yui_3_16_0_ym19_1_1470308786992_5062">
'LOCATION': '127.0.0.1:11211',</div>
<div dir="ltr" id="yui_3_16_0_ym19_1_1470308786992_5063"> }</div>
<div dir="ltr" id="yui_3_16_0_ym19_1_1470308786992_5064">}</div>
<div dir="ltr" id="yui_3_16_0_ym19_1_1470308786992_5065"><br
id="yui_3_16_0_ym19_1_1470308786992_5066">
</div>
</div>
</div>
</blockquote>
Depends on the policy you are using. If you are using the default
policy, anyone with an admin role should be able to create a domain:<br>
<br>
<a class="moz-txt-link-freetext" href="http://git.openstack.org/cgit/openstack/keystone/tree/etc/policy.json#n33">http://git.openstack.org/cgit/openstack/keystone/tree/etc/policy.json#n33</a><br>
<br>
<pre><code> "identity:create_domain": "rule:admin_required",
which resolves to
</code><code>"admin_required": "role:admin or is_admin:1",</code>
</pre>
<br>
<br>
<blockquote
cite="mid:630852352.9230123.1470309100019.JavaMail.yahoo@mail.yahoo.com"
type="cite">
<div style="color:#000; background-color:#fff;
font-family:verdana, helvetica, sans-serif;font-size:13px">
<div dir="ltr" id="yui_3_16_0_ym19_1_1470308786992_5019">
<div dir="ltr" id="yui_3_16_0_ym19_1_1470308786992_5067">SESSION_ENGINE
= 'django.contrib.sessions.backends.cache'</div>
<div dir="ltr" id="yui_3_16_0_ym19_1_1470308786992_5068"><br
id="yui_3_16_0_ym19_1_1470308786992_5069">
</div>
</div>
<div id="yui_3_16_0_ym19_1_1470308786992_4888" dir="ltr"><br>
</div>
<div id="yui_3_16_0_ym19_1_1470308786992_4888" dir="ltr">Thanks,</div>
<div id="yui_3_16_0_ym19_1_1470308786992_4888" dir="ltr">Prakash</div>
<div id="yui_3_16_0_ym19_1_1470308786992_4888" dir="ltr"><br>
</div>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
OpenStack-operators mailing list
<a class="moz-txt-link-abbreviated" href="mailto:OpenStack-operators@lists.openstack.org">OpenStack-operators@lists.openstack.org</a>
<a class="moz-txt-link-freetext" href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators</a>
</pre>
</blockquote>
<p><br>
</p>
</body>
</html>