registry team mailing list archive

Thread
Date

[Bug 681030] [NEW] Nova's LDAP schema has an unneeded requirement on the nis or bis schema

To: registry@xxxxxxxxxxxxxxxxxxx
From: Ryan Lane <681030@xxxxxxxxxxxxxxxxxx>
Date: Wed, 24 Nov 2010 16:30:08 -0000
Reply-to: Bug 681030 <681030@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

Public bug reported:

Though requiring the nis or bis schema doesn't necessarily exclude
Active Directory, it adds an unneeded and bothersome requirement to
include the nis schema, and forces the use of the uid attribute.

It would be better if the schema defined novaUser as follows:

objectClass (
    novaOCs:1
    NAME 'novaUser'
    DESC 'access and secret keys'
    AUXILIARY
    MUST ( cn )
    MAY  ( accessKey $ secretKey $ isAdmin )
    )

This puts the requirement on person or inetorgperson instead, which is
mostly universally used for user entries.

The code should default to using cn, but the configuration should
default to using uid. Allowing this to be a configurable option allows
users to define which attribute their directory server should be using,
such as sAMAccountName in AD.

** Affects: nova
     Importance: Undecided
         Status: New

-- 
Nova's LDAP schema has an unneeded requirement on the nis or bis schema
https://bugs.launchpad.net/bugs/681030
You received this bug notification because you are a member of Registry
Administrators, which is subscribed to OpenStack.

Follow ups

[Bug 681030] Re: Nova's LDAP schema has an unneeded requirement on the nis or bis schema
From: Ryan Lane, 2010-12-03
[Bug 681030] Re: Nova's LDAP schema has an unneeded requirement on the nis or bis schema
From: Ryan Lane, 2010-11-24
[Bug 681030] [NEW] Nova's LDAP schema has an unneeded requirement on the nis or bis schema
From: Ryan Lane, 2010-11-24

References

[Bug 681030] [NEW] Nova's LDAP schema has an unneeded requirement on the nis or bis schema
From: Ryan Lane, 2010-11-24