yahoo-eng-team team mailing list archive

Thread
Date

[Bug 1649412] [NEW] user to nonlocal_user should be a 1 to 1 table relationship

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: Ron De Rose <ronald.de.rose@xxxxxxxxx>
Date: Mon, 12 Dec 2016 21:59:25 -0000
Reply-to: Bug 1649412 <1649412@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

Public bug reported:

The 'nonlocal_user' table shadows LDAP or custom identity driver users.
Currently, the 'user' to 'nonlocal_user' table relationship is 1 to
many. However, this is inaccurate. For example, there shouldn't be a
user with multiple usernames from a single domain; keystone doesn't
support that. A user belongs to a domain and has a single username.

** Affects: keystone
     Importance: Low
     Assignee: Ron De Rose (ronald-de-rose)
         Status: In Progress

** Changed in: keystone
     Assignee: (unassigned) => Ron De Rose (ronald-de-rose)

** Changed in: keystone
   Importance: Undecided => Low

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Identity (keystone).
https://bugs.launchpad.net/bugs/1649412

Title:
  user to nonlocal_user should be a 1 to 1 table relationship

Status in OpenStack Identity (keystone):
  In Progress

Bug description:
  The 'nonlocal_user' table shadows LDAP or custom identity driver
  users. Currently, the 'user' to 'nonlocal_user' table relationship is
  1 to many. However, this is inaccurate. For example, there shouldn't
  be a user with multiple usernames from a single domain; keystone
  doesn't support that. A user belongs to a domain and has a single
  username.

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1649412/+subscriptions

Follow ups

[Bug 1649412] Re: user to nonlocal_user should be a 1 to 1 table relationship
From: OpenStack Infra, 2016-12-16