Description of problem: * Some 3rd party (NFV) require the admin user to have the admin role in the Default domain. * Some deployers automatically add the admin user to the Default domain post deployment but it could probably be better to have keystone-manage bootstrap a domain with --bootstrap-domain-name. * We already assign user to project and create the Default domain in the bootstrapping procedure. Version-Release number of selected component (if applicable): Any How reproducible: All the time Steps to Reproduce: 1. Deploy overcloud 2. Verify role for admin user in Default domain Actual results: Admin user doesn't have admin role in Default domain Expected results: Admin user should have admin role in Default domain Additional info: At least Trillio is known to require this. Adam Young says the right place to do it would be in the upstream keystone-manager bootstrap.
Can you provide the upstream feedback to the Customer, so we can confirm if we can close this BZ?