<html>
  <head>
    <meta content="text/html; charset=windows-1252"
      http-equiv="Content-Type">
  </head>
  <body bgcolor="#FFFFFF" text="#000000">
    <div class="moz-cite-prefix">On 04/07/2015 09:34 AM, Kuo Hugo wrote:<br>
    </div>
    <blockquote
cite="mid:CA++_uhtZX-4iqzegB9FzgpiuVmv4v4Zh_+WuJ9wpLnFScH_hJA@mail.gmail.com"
      type="cite">
      <div dir="ltr">Hi Steve, 
        <div><br>
        </div>
        <div>Good explanation. It's much more clear on top of my mind
          now.</div>
        <div><br>
        </div>
      </div>
    </blockquote>
    <br>
    <a class="moz-txt-link-freetext" href="http://adam.younglogic.com/2015/03/troubleshoot-new-keystone/">http://adam.younglogic.com/2015/03/troubleshoot-new-keystone/</a><br>
    <br>
    <blockquote
cite="mid:CA++_uhtZX-4iqzegB9FzgpiuVmv4v4Zh_+WuJ9wpLnFScH_hJA@mail.gmail.com"
      type="cite">
      <div dir="ltr">
        <div>Thanks a lot. </div>
        <div><br>
        </div>
        <div>Hugo</div>
      </div>
      <div class="gmail_extra"><br>
        <div class="gmail_quote">2015-04-07 21:14 GMT+08:00 Steve
          Martinelli <span dir="ltr"><<a moz-do-not-send="true"
              href="mailto:stevemar@ca.ibm.com" target="_blank">stevemar@ca.ibm.com</a>></span>:<br>
          <blockquote class="gmail_quote" style="margin:0 0 0
            .8ex;border-left:1px #ccc solid;padding-left:1ex"><font
              face="sans-serif">You can't really do this. The
              admin_token
              doesn't represent a user, and has no role or</font>
            <br>
            <font face="sans-serif">authorization associated with it. It
              just bypasses the authentication process.</font>
            <br>
            <br>
            <font face="sans-serif">If you have an admin user, grant the
              admin user the admin role on the new domain,</font>
            <br>
            <font face="sans-serif">and they should be able to create
              sample
              data.</font>
            <br>
            <font face="sans-serif"><br>
              Thanks,<br>
              <br>
              Steve Martinelli<br>
              OpenStack Keystone Core</font>
            <br>
            <br>
            <tt><font>Kuo Hugo <<a moz-do-not-send="true"
                  href="mailto:tonytkdk@gmail.com" target="_blank">tonytkdk@gmail.com</a>>
                wrote on 04/07/2015
                06:53:25 AM:<br>
                <br>
                > From: Kuo Hugo <<a moz-do-not-send="true"
                  href="mailto:tonytkdk@gmail.com" target="_blank">tonytkdk@gmail.com</a>></font></tt>
            <br>
            <tt><font>> To: "<a moz-do-not-send="true"
                  href="mailto:openstack@lists.openstack.org"
                  target="_blank">openstack@lists.openstack.org</a>"
                <<a moz-do-not-send="true"
                  href="mailto:openstack@lists.openstack.org"
                  target="_blank">openstack@lists.openstack.org</a>></font></tt>
            <br>
            <tt><font>> Date: 04/07/2015 07:03 AM</font></tt>
            <br>
            <tt><font>> Subject: [Openstack] [Keystone Juno] How to
                grant
                ResellerAdmin <br>
                > permission(role) to an user ?</font></tt>
            <br>
            <div>
              <div class="h5"><tt><font>> <br>
                    > Hi folks, </font></tt>
                <br>
                <tt><font>> <br>
                    > I'm writing a script to generate sample data
                    for users in different
                    <br>
                    > domains. I got a question about how to create a
                    user who has the <br>
                    > permission as the admin_token in keystone.conf
                    ? </font></tt>
                <br>
              </div>
            </div>
            <tt><font>> <br>
                > Thanks //
                Hugo _______________________________________________<br>
                > Mailing list: </font></tt><a
              moz-do-not-send="true"
              href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack"
              target="_blank"><tt><font>http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack</font></tt></a><tt><font><br>
                > Post to     : <a moz-do-not-send="true"
                  href="mailto:openstack@lists.openstack.org"
                  target="_blank">openstack@lists.openstack.org</a><br>
                > Unsubscribe : </font></tt><a
              moz-do-not-send="true"
              href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack"
              target="_blank"><tt><font>http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack</font></tt></a><tt><font><br>
              </font></tt></blockquote>
        </div>
        <br>
      </div>
      <br>
      <fieldset class="mimeAttachmentHeader"></fieldset>
      <br>
      <pre wrap="">_______________________________________________
Mailing list: <a class="moz-txt-link-freetext" href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack</a>
Post to     : <a class="moz-txt-link-abbreviated" href="mailto:openstack@lists.openstack.org">openstack@lists.openstack.org</a>
Unsubscribe : <a class="moz-txt-link-freetext" href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack</a>
</pre>
    </blockquote>
    <br>
  </body>
</html>