In the research environment, we have frequent cases where a user is associated with multiple tenants. For example, when you are finishing work on a previous project but are mainly working on the new one. As we move towards domain/tenant/user, we need to ensure that the tools support multi-tenant per user. Correct accounting is critical. This does require extra code but it is relevant given the use cases. Tim Bell CERN From: openstack-bounces+tim.bell=cern.ch at lists.launchpad.net [mailto:openstack-bounces+tim.bell=cern.ch at lists.launchpad.net] On Behalf Of Caitlin Bestler Sent: 29 May 2012 19:18 To: openstack at lists.launchpad.net Subject: [Openstack] Identity API v3 - Why allow multi-tenant users? One of the major complication I see in the API is that users can be associated with multiple tenants. What is the benefit of this? What functionality would be lost if a human user merely had to use a different account with each tenant? There are numerous issues with multi-tenant users. For example, if a user is associated with multiple tenants, who resets the user's password? -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.openstack.org/pipermail/openstack/attachments/20120529/58f02825/attachment.html> -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 5201 bytes Desc: not available URL: <http://lists.openstack.org/pipermail/openstack/attachments/20120529/58f02825/attachment.bin>