Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.

Bug 1665489

Summary: Blocked - [RFE][Docs][Security] Explain how to use pooling and caching for LDAP integration
Product: Red Hat OpenStack Reporter: Kevin Jones <kejones>
Component: documentationAssignee: RHOS Documentation Team <rhos-docs>
Status: CLOSED CURRENTRELEASE QA Contact: RHOS Documentation Team <rhos-docs>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 13.0 (Queens)CC: mburns, rheslop
Target Milestone: ---Keywords: Documentation, FutureFeature
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2022-01-26 17:24:56 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1584529    
Bug Blocks:    

Description Kevin Jones 2019-01-11 15:17:19 UTC 
Description of problem:
[1] still has the customer doing the integration with Active Directory or LDAP manually. This causes significant problems with Director operations. In RHOSP 13 there is a single template (keystone_domain_specific_ldap_backend.yaml) that can be added to deployment that does the integration for the user.

Additionally, I'd love to see Ken Holden's optimizations [2] for keystone and AD/LDAP integration worked into the documentation. This is a significant performance boost on large enterprise Domains.

Version-Release number of selected component (if applicable):
13


Actual results:
Documentation still shows users how to do the identity integration manually

Expected results:
Documentation should show how to do this integration in Director

Additional info:
[1] https://access.redhat.com/documentation/en-us/red_hat_openstack_platform/13/html-single/integrate_with_identity_service/
[2] https://www.holdenthecloud.com/2018/05/10/keystone-optimization/
Comment 6 Martin Lopes 2019-05-03 15:25:02 UTC 
Republished guide with revised note highlighting the director-based chapter:

"If you are using director, see Chapter 4, Using domain-specific LDAP backends with director."
https://access.redhat.com/documentation/en-us/red_hat_openstack_platform/13/html-single/integrate_with_identity_service/index#sec-active-directory
Comment 7 Roger Heslop 2022-01-26 17:24:56 UTC 
Documentation has been updated to show LDAP integration using director.

[1] https://access.redhat.com/documentation/en-us/red_hat_openstack_platform/13/html-single/integrate_with_identity_service/index#sec-active-directory
[2] https://access.redhat.com/documentation/en-us/red_hat_openstack_platform/13/html-single/integrate_with_identity_service/index#ldap-director.

Because the dev RFE (comment 5) has been re-targeted to 17.1, I'm going to close this out; there will be another ticket opened to track those RFEs upon release.

If I am missing anything, please let me know, and I'll review what further changes can be made to our current doc set.