45 lines
1.4 KiB
YAML
45 lines
1.4 KiB
YAML
options:
|
|
domain-name:
|
|
type: string
|
|
default:
|
|
description: Name of the keystone domain to configure; defaults to the deployed application name.
|
|
ldap-server:
|
|
type: string
|
|
default:
|
|
description: |
|
|
LDAP server URL for keystone identity backend.
|
|
.
|
|
Example: ldap://10.10.10.10/
|
|
ldap-user:
|
|
type: string
|
|
default:
|
|
description: |
|
|
Username (Distinguished Name) used to bind to LDAP identity server.
|
|
.
|
|
Example: cn=admin,dc=test,dc=com
|
|
ldap-password:
|
|
type: string
|
|
default:
|
|
description: Password of the LDAP identity server.
|
|
ldap-suffix:
|
|
type: string
|
|
default:
|
|
description: LDAP server suffix to be used by keystone.
|
|
ldap-config-flags:
|
|
type: string
|
|
default:
|
|
description: |
|
|
Additional LDAP configuration options.
|
|
For simple configurations use a comma separated string of key=value pairs.
|
|
"user_allow_create=False, user_allow_update=False, user_allow_delete=False"
|
|
For more complex configurations use a json like string with double quotes
|
|
and braces around all the options and single quotes around complex values.
|
|
"{user_tree_dn: 'DC=dc1,DC=ad,DC=example,DC=com',
|
|
user_allow_create: False,
|
|
user_allow_delete: False}"
|
|
See the README for more details.
|
|
ldap-readonly:
|
|
type: boolean
|
|
default: True
|
|
description: LDAP identity server backend readonly to keystone.
|