[rhos-list] Openstack LDAP/AD integration at CERN
Adam Young
ayoung at redhat.com
Thu Sep 13 01:25:13 UTC 2012
On 09/12/2012 03:24 PM, Jose Castro Leon wrote:
> Sorry, I mean organizationalRole. When adding a user to a role it creates a structure like this:
>
> Tenant (groupOfNames)
> | @member(user)
> |
> --> Role (organizationalRole)
> @roleOccupant (user)
>
> The problem is that on AD a organizationalRole could not be a children of a groupOfNames
> This is why we modify the AD schema a bit, in order to make it work
>
> Kind regards,
> Jose Castro Leon
>
> _______________________________________________
> rhos-list mailing list
> rhos-list at redhat.com
> https://www.redhat.com/mailman/listinfo/rhos-list
That is unfortunate. Would using Organization or Organizational-Unit
make more sense? Does organizationalRole need to be put into an
attribute instead?
More information about the rhos-list
mailing list