* Removes unused schema

* Removes MUST uid from novaUser
* Changes isAdmin to isNovaAdmin
* Adds two new configuration options:
** ldap_user_id_attribute, with a default of uid
** ldap_user_name_attribute, with a default of cn
* ldapdriver.py has been modified to use these changes

Rationale:

Removing uid from novaUser:

Requiring uid makes the schema very posix specific. Other schemas don't use uid for identifiers at all. This
change makes the schema more interoperable.

Changing isAdmin to isNovaAdmin:

This attribute is too generic. It doesn't describe what the user is an admin of, and it is out of place in a pre-existing
directory. This change makes the attribute more specific to the software.

Adding config options for id and name:

This is another interoperability change. This change makes the driver more compatible with directories like AD,
where sAMAccountName is used instead of uid. Also, some directory admins prefer to use displayName rather than
CN for full names of users.
This commit is contained in:
Ryan Lane
2010-12-03 00:01:21 +00:00
parent afcc5263ae
commit 47ec3fa70e
5 changed files with 17 additions and 65 deletions


@@ -37,6 +37,8 @@ flags.DEFINE_string('ldap_url', 'ldap://localhost',
flags.DEFINE_string('ldap_password', 'changeme', 'LDAP password')
flags.DEFINE_string('ldap_user_dn', 'cn=Manager,dc=example,dc=com',
'DN of admin user')
flags.DEFINE_string('ldap_user_id_attribute', 'uid', 'Attribute to use as id')
flags.DEFINE_string('ldap_user_name_attribute', 'cn', 'Attribute to use as name')
flags.DEFINE_string('ldap_user_unit', 'Users', 'OID for Users')
flags.DEFINE_string('ldap_user_subtree', 'ou=Users,dc=example,dc=com',
'OU for Users')
@@ -131,12 +133,12 @@ class LdapDriver(object):
'inetOrgPerson',
'novaUser']),
('ou', [FLAGS.ldap_user_unit]),
('uid', [name]),
(FLAGS.ldap_user_id_attribute, [name]),
('sn', [name]),
('cn', [name]),
(FLAGS.ldap_user_name_attribute, [name]),
('secretKey', [secret_key]),
('accessKey', [access_key]),
('isAdmin', [str(is_admin).upper()]),
('isNovaAdmin', [str(is_admin).upper()]),
]
self.conn.add_s(self.__uid_to_dn(name), attr)
return self.__to_user(dict(attr))
@@ -274,7 +276,7 @@ class LdapDriver(object):
if secret_key:
attr.append((self.ldap.MOD_REPLACE, 'secretKey', secret_key))
if admin is not None:
attr.append((self.ldap.MOD_REPLACE, 'isAdmin', str(admin).upper()))
attr.append((self.ldap.MOD_REPLACE, 'isNovaAdmin', str(admin).upper()))
self.conn.modify_s(self.__uid_to_dn(uid), attr)
def __user_exists(self, uid):
@@ -450,11 +452,11 @@ class LdapDriver(object):
if attr == None:
return None
return {
'id': attr['uid'][0],
'name': attr['cn'][0],
'id': attr[FLAGS.ldap_user_id_attribute][0],
'name': attr[FLAGS.ldap_user_name_attribute][0],
'access': attr['accessKey'][0],
'secret': attr['secretKey'][0],
'admin': (attr['isAdmin'][0] == 'TRUE')}
'admin': (attr['isNovaAdmin'][0] == 'TRUE')}
def __to_project(self, attr):
"""Convert ldap attributes to Project object"""
@@ -474,9 +476,10 @@ class LdapDriver(object):
return dn.split(',')[0].split('=')[1]
@staticmethod
def __uid_to_dn(dn):
def __uid_to_dn(uid):
"""Convert uid to dn"""
return 'uid=%s,%s' % (dn, FLAGS.ldap_user_subtree)
return FLAGS.ldap_user_id_attribute + '=%s,%s' \
% (uid, FLAGS.ldap_user_subtree)
class FakeLdapDriver(LdapDriver):
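Review bot: The rewritten `__uid_to_dn` still interpolates `uid` into the DN unescaped, so a value containing RFC 4514 special characters (`,`, `+`, `\`, `"`, a leading `#` or space) yields a DN that names a different entry or is rejected by the server; the change only made the attribute name configurable. Because `uid` is the caller-supplied user name (it is passed straight through from the `add_s` call in the create path and from `modify_s` in the earlier hunk), the RDN value should be escaped, e.g. `return '%s=%s,%s' % (FLAGS.ldap_user_id_attribute, ldap.dn.escape_dn_chars(uid), FLAGS.ldap_user_subtree)` — assuming the real `ldap` module is importable at module level here, since this is a staticmethod with no `self.ldap`; the fake driver may need an equivalent. A second, hedged point: this helper now assumes every user entry's RDN attribute is `ldap_user_id_attribute`, which holds for `uid` under OpenLDAP but likely not for the AD case the commit targets, where entries are usually `cn=...` with `sAMAccountName` as a non-RDN attribute, so a filtered search on the id attribute would be the robust way to resolve a DN. In the previous hunk, `__to_user` indexes `attr[FLAGS.ldap_user_id_attribute][0]` without checking that the entry carries the configured attribute, so a directory where it is absent raises `KeyError` instead of a clear configuration error.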