<br><blockquote><br>---------- Original message ----------<br>From:"Adam Young"< ayoung@redhat.com ><br>Date: 6 Dec 12 20:05:14<br>Subject: Re: [rhos-list] Keystone user authentication with existing LDAP<br>To: rhos-list@redhat.com<br><br>
<div class="moz-cite-prefix">On 12/06/2012 07:26 AM, Kumar Vaibhav
wrote:<br>
</div>
<font color="#000"></font><blockquote cite="mid:1354796802.5c5bc7df3d37b2a7ea29e1b47b2bd4ab@mail.in.com" type="cite"><font color="#000">Hi,<br>
<br>
I want to authenticate my users with existing OpenLDAP server. It
already have the username and password for users. <br>
I use this OpenLDAP server for authenticating Linux servers in the
network.<br>
<br>
Is it possible to keep only user information in LDAP.?<br>
</font></blockquote>
<br>
Not yet, sorry.<br>
<br>
<font color="#000"></font><blockquote cite="mid:1354796802.5c5bc7df3d37b2a7ea29e1b47b2bd4ab@mail.in.com" type="cite"><font color="#000"><br>
Since my LDAP server do not have Role, Group, and other Tree DN
available, I want these to be stored in database only. <br>
</font></blockquote>
<font color="#000">>> Can you not modify the LDAP schema? These are trivial to maintain
in LDAP.<br>
<br>
>> Or, are you not going to be modifying the User list?<br><br>Yes I don't want to modify the user list or their Attributes. This LDAP server is managed by other system.<br>
<br>
>> One thing you can try is to sync the user list over to the SQL
Database without passwords, run Keystone in apache and use
mod_auth_ldap to log in. It is an untested configuration, but it
should work.<br><br>It is easy for me to sync the user name and
password from the LDAP to MySQL DB. But the password I have in LDAP is
MD5 encrypted. Openstack-Keystone uses other encryption algorithm. <br>Is it possible to use MD5 as encryption method for keystone?<br><br></font><br>
<font color="#000"></font><blockquote cite="mid:1354796802.5c5bc7df3d37b2a7ea29e1b47b2bd4ab@mail.in.com" type="cite"><font color="#000"><br>
I should have used Only DB also but the problem is my OpenLDAP
server has passwords encrypted in MD5.<br>
<br>
Regards,<br>
Vaibhav<br>
<br>
<br>
<div style="border-top:1px dashed #ccc; border-bottom:1px dashed
#ccc; padding:5px;"><a target=\"_blank\" target="_blank" moz-do-not-send="true" href="http://www3.in.com/sso/commonregister.php?ref=IN&utm_source=invite&utm_medium=outgoing" style="font:13px arial; color:#1E56A1; text-decoration:none;">Get
Yourself a cool, short <b>@in.com</b> Email ID now!</a></div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
rhos-list mailing list
<a target=\"_blank\" target="_blank" class="moz-txt-link-abbreviated" href="mailto:rhos-list@redhat.com">rhos-list@redhat.com</a>
<a target=\"_blank\" target="_blank" class="moz-txt-link-freetext" href="https://www.redhat.com/mailman/listinfo/rhos-list">https://www.redhat.com/mailman/listinfo/rhos-list</a></pre>
</font></blockquote>
<br>
</blockquote><br><br><div style="border-top:1px dashed #ccc; border-bottom:1px dashed #ccc; padding:5px;"><a href="http://www3.in.com/sso/commonregister.php?ref=IN&utm_source=invite&utm_medium=outgoing" style="font:13px arial; color:#1E56A1; text-decoration:none;">Get Yourself a cool, short <b>@in.com</b> Email ID now!</a></div>