python-ldap follows/chases referrals with anonymous access but
this is disabled by default in Active Directory. There is an
argument to set this to default to disabled but for the moment
just present an option for the user to choose.
For further information see:
https://access.redhat.com/solutions/2309891
Change-Id: I83ff3186ecced663a30a028e153f9259427fa13d
Signed-off-by: Christopher Brown <snecklifter@gmail.com>
Option "verbose" from group "DEFAULT" is deprecated for removal.
The parameter has no effect.
-Deprecated verbose for logging and init
-Remove verbose in examples and README
-Remove verbose from tests.
If this option is not set explicitly, there is no such warning.
Change-Id: I2f554c07f71458894aaa5d8079285ac92d0f04a3
Instead of using long backend/drivers name, use short name and stevedore
will load plugins for us.
It will prevent this kind of message in logs:
Failed to load 'keystone.catalog.backends.sql.Catalog' using stevedore:
No 'keystone.catalog' driver found,
Also cleanup unit and functional tests that were setting wrong
credential & assignment drivers.
Change-Id: Id3b8ed63ef9a821eba5374af7ed0fd1c8d755e09
This enable the user to inject multiple ldap backend configurations into
keystone.
Currently the ldap configuration is modeled through a class and injected
inside keystone.conf. In a multiple domains environment, this prevents
the user to create a ldap configuration by domain.
A deprecation warning is added to the current ldap class. This class is
not using the define as doing so would automatically trigger a restart
of the keystone server. This would be unexpected by the openstack
operator and would certainly be seen as a bug. This imply a lot of code
duplication but is required to make a smooth transition.
Change-Id: I75307d4a04510d8ba1a24663b1724849ea5b48f5
