Open Stack

On Friday 24 July 2015 09:29:32 Dave Walker wrote:
> On 24 July 2015 at 05:00, Julian Edwards <bigjools at gmail.com> wrote:
> Tl;DR is that the *User* management can come from LDAP via the
> Identity driver, but the Project/Tenants and Roles on these come from
> the *Assignment* driver via SQL - almost as an overlay.
> 
> This would seem to solve the issue you outline?

As far as I understand the issue is that corps want to have users in read-only 
LDAP and have an ability to create groups outside of LDAP, in SQL.

Am I right?

-- 
Best regards,
Boris Bobrov