Jump to: navigation, search

Difference between revisions of "HowtoIntegrateKeystonewithAD"

(talk)
(No difference)

Revision as of 00:00, 1 January 1970

How to integrate Keystone with Active Directory

<SOME TEXT>

Structure (3 different trees for each identity type)

Windows 2008 schema (includes services for unix) Users (OU=Users) AdminUser @id @name @mail DemoUser @id @name @mail Tenants(OU=Tenants) DemoTenant @id @name @description member(AdminUser,DemoUser) AdminRole roleOccupant(AdminUser) MemberRole roleOccupant(DemoUser) Roles(OU=Roles) AdminRole @id @name MemberRole @id @name

Changes on organizationalRole to have groupOfNames as a possible superior

In ADSI Edit go to schema Open CN=Organizational-Role In attribute editor edit possSuperiors Add groupOfNames in the values and click OK

Retrieved from "https://wiki.openstack.org/w/index.php?title=HowtoIntegrateKeystonewithAD&oldid=6752"