openstack-manuals/doc/common/tables/keystone-mapping.xml
Gauvain Pocentek 8b2016b5d0 Update the config reference tables
Include the new tables in the documentation.

Fix the cinder-prophetstor_dpl.xml filename and the xiv category.

Manually fix those files for niceness test:
- glance-logging.xml (lines 34, 38), fixed in oslo-incubator
- trove-logging.xml (lines 26, 30), fixed in oslo-incubator
- neutron-openvswitch_agent.xml (line 45), to be fixed in neutron

Closes-Bug: #1340858
Closes-Bug: #1344231
Closes-Bug: #1345956
Closes-Bug: #1346711
Closes-Bug: #1347978
Partial-Bug: #1348329
Closes-Bug: #1352074
Partial-Bug: #1353417
Closes-Bug: #1354622
Closes-Bug: #1339754
Closes-Bug: #1358598
Closes-Bug: #1358259
Closes-Bug: #1357865
Partial-Bug: #1357457
Closes-Bug: #1357421
Change-Id: Id2da7d7762ca954bd552dbf89a9ff28b144efb68
2014-08-19 16:34:25 +02:00

35 lines
2.1 KiB
XML

<?xml version='1.0' encoding='UTF-8'?>
<para xmlns="http://docbook.org/ns/docbook" version="5.0">
<!-- Warning: Do not edit this file. It is automatically
generated and your changes will be overwritten.
The tool to do so lives in openstack-doc-tools repository. -->
<table rules="all" xml:id="config_table_keystone_mapping">
<caption>Description of configuration options for mapping</caption>
<col width="50%"/>
<col width="50%"/>
<thead>
<tr>
<th>Configuration option = Default value</th>
<th>Description</th>
</tr>
</thead>
<tbody>
<tr>
<th colspan="2">[identity_mapping]</th>
</tr>
<tr>
<td>backward_compatible_ids = True</td>
<td>(BoolOpt) The format of user and group IDs changed in Juno for backends that do not generate UUIDs (e.g. LDAP), with keystone providing a hash mapping to the underlying attribute in LDAP. By default this mapping is disabled, which ensures that existing IDs will not change. Even when the mapping is enabled by using domain specific drivers, any users and groups from the default domain being handled by LDAP will still not be mapped to ensure their IDs remain backward compatible. Setting this value to False will enable the mapping for even the default LDAP driver. It is only safe to do this if you do not already have assignments for users and groups from the default LDAP domain, and it is acceptable for Keystone to provide the different IDs to clients than it did previously. Typically this means that the only time you can set this value to False is when configuring a fresh installation.</td>
</tr>
<tr>
<td>driver = keystone.identity.mapping_backends.sql.Mapping</td>
<td>(StrOpt) Keystone Identity Mapping backend driver.</td>
</tr>
<tr>
<td>generator = keystone.identity.id_generators.sha256.Generator</td>
<td>(StrOpt) Public ID generator for user and group entities. The Keystone identity mapper only supports generators that produce no more than 64 characters.</td>
</tr>
</tbody>
</table>
</para>