Remove configuration options for ldap write support

Keystone removed LDAP write support in Ocata. Prior to that it was
deprecated for several releases.

To minimize confusion, we should remove these configuration options
from the domain-specific backend environment. They're silently ignored
by keystone and give the impression that the functionality still
exists.

This helps keep our keystone configuration clean and up-to-date.

Relevant release notes that advertised this removal:

  https://docs.openstack.org/releasenotes/keystone/ocata.html#relnotes-11-0-0-origin-stable-ocata-other-notes

Change-Id: I24660e34370820d6dc943e1b82a602e40305d5f4
This commit is contained in:
Lance Bragstad 2019-11-19 14:26:39 -06:00
parent d43d314336
commit 8e88083bbc

View File

@ -13,6 +13,3 @@ parameter_defaults:
user_filter: "(memberOf=cn=OSuser,ou=Groups,dc=tripleo,dc=example,dc=com)"
user_objectclass: person
user_id_attribute: cn
user_allow_create: false
user_allow_update: false
user_allow_delete: false