[openstack-dev] [keystone] Suggested LDAP DIT for domains
David Chadwick
d.w.chadwick at kent.ac.uk
Thu Apr 25 15:30:53 UTC 2013
On 25/04/2013 16:06, Adam Young wrote:
> When pressed, the people that are asking for multiple LDAP backends into
> the same keystone server have admitted that they are looking to keep the
> other backends separate as well, esepcially the token backend. Thus, it
> makes sense to have a solution for supporting multiple Keystone servers
> in an Open Stack deployment, and having each LDAP server fronted by its
> own.
This is precisely what we have done with federated keystone. You can try
out our demo here
http://sec.cs.kent.ac.uk/demos/
choose number 8.
We are currently working to add this code into an optional plugin for
the Havana release, as agreed at the dev meeting last week
regards
David
More information about the OpenStack-dev
mailing list