Bug 1122354 - [RFE][keystone]: Automate Keystone AD Integration
Summary: [RFE][keystone]: Automate Keystone AD Integration
Alias: None
Product: Red Hat OpenStack
Classification: Red Hat
Component: RFEs
Version: unspecified
Hardware: Unspecified
OS: Unspecified
Target Milestone: ---
: ---
Assignee: RHOS Maint
QA Contact:
URL: https://blueprints.launchpad.net/keys...
Whiteboard: upstream_milestone_none upstream_defi...
Depends On:
TreeView+ depends on / blocked
Reported: 2014-07-23 04:04 UTC by RHOS Integration
Modified: 2015-03-19 17:26 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: Enhancement
Doc Text:
Clone Of:
Last Closed: 2015-03-19 17:17:09 UTC
Target Upstream Version:

Attachments (Terms of Use)

Description RHOS Integration 2014-07-23 04:04:15 UTC
Cloned from launchpad blueprint https://blueprints.launchpad.net/keystone/+spec/keystone-ad-integration.


This blueprint aims to automate the integration of Keystone with AD (LDAP) backend. This ad-Integration tool will be a python script. It will be used to automate the configuration changes required for integration of Keystone with AD. It will also replicate the required OpenStack users, projects and role in AD backend and at last it will check if the integration was successful.

This ad-Integration tool will support the following two ways of integration:

1. Ready Only LDAP
In this the identity driver will be ldap while the assignment driver will be sql. The keystone will use the users from the ldap but the projects, roles and role assignment will be using sql as the backend. This will be used when any enterprises using the AD (LDAP) want to maintain a centralized repository for user credentials but also don’t want to change their AD structure.

2. Only LDAP
In this both the identity and assignment driver will be ldap. In this all users, projects, roles, role assignment will be maintained in AD (LDAP). This will require modification done to AD structure.

Specification URL (additional information):


Note You need to log in before you can comment on or make changes to this bug.