From 98ef59a59973954f5396df4898ffc1d1df98b9c2 Mon Sep 17 00:00:00 2001
From: Steven Hardy <shardy@redhat.com>
Date: Mon, 7 Dec 2015 17:33:42 +0000
Subject: [PATCH] [install] Fix heat trustee configuration

The current example config is broken with the default deferred
authentication of trusts - the project_domain_id and project_name
cannot be specified in this section or keystone will throw a
"cannot be scoped to multiple targets" error when we attempt to get
a token scoped to a trust.

Also, the auth_uri is unused by the keystoneclient password auth
plugins, so remove it (it has been a source of confusion in the
referenced bug).

Change-Id: I6305be3c693993de4d16d82fd6de936e92c437c5
Closes-Bug: #1300246
Backport: liberty
---
 doc/install-guide/source/heat-install.rst | 7 ++-----
 1 file changed, 2 insertions(+), 5 deletions(-)

diff --git a/doc/install-guide/source/heat-install.rst b/doc/install-guide/source/heat-install.rst
index cba746dee6..8e41c3fc26 100644
--- a/doc/install-guide/source/heat-install.rst
+++ b/doc/install-guide/source/heat-install.rst
@@ -400,14 +400,11 @@ Install and configure components
 
            [trustee]
            ...
-           auth_uri = http://controller:5000
-           auth_url = http://controller:35357
            auth_plugin = password
-           project_domain_id = default
-           user_domain_id = default
-           project_name = service
+           auth_url = http://controller:35357
            username = heat
            password = HEAT_PASS
+           user_domain_id = default
 
            [clients_keystone]
            ...