[rhos-list] Keystone user authentication with existing LDAP

[Kumar Vaibhav]

 Original message From:"Adam Young"< ayoung at redhat.com >Date: 6 Dec 12 20:05:14Subject: Re: [rhoslist] Keystone user authentication with existing LDAPTo: rhoslist at redhat.com On 12/06/2012 07:26 AM, Kumar Vaibhavwrote:Hi,I want to authenticate my users with existing OpenLDAP server. Italready have the username and password for users. I use this OpenLDAP server for authenticating Linux servers in thenetwork.Is it possible to keep only user information in LDAP.? Not yet, sorry.Since my LDAP server do not have Role, Group, and other Tree DNavailable, I want these to be stored in database only. >> Can you not modify the LDAP schema? These are trivial to maintainin LDAP.>> Or, are you not going to be modifying the User list?Yes I don't want to modify the user list or their Attributes. This LDAP server is managed by other system.>> One thing you can try is to sync the user list over to the SQLDatabase without passwords, run Keystone in apache and usemodauthldap to log in. It is an u
 ntested configuration, but itshould work.It is easy for me to sync the user name andpassword from the LDAP to MySQL DB. But the password I have in LDAP isMD5 encrypted. OpenstackKeystone uses other encryption algorithm. Is it possible to use MD5 as encryption method for keystone? I should have used Only DB also but the problem is my OpenLDAPserver has passwords encrypted in MD5.Regards,VaibhavGet Yourself a cool, short @in.com Email ID now! rhoslist mailing list rhoslist at redhat.com https://www.redhat.com/mailman/listinfo/rhoslistGet Yourself a cool, short @in.com Email ID now!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/rhos-list/attachments/20121206/ae970609/attachment.htm>