cloudstack-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
Subject [1/4] git commit: updated refs/heads/master to c7d1b81
Date Wed, 04 May 2016 14:23:51 GMT
Repository: cloudstack
Updated Branches:
  refs/heads/master 4d57ec04a -> c7d1b8142

Set default networkDomain to empty instead of username

The 10th field of createUserAccount is 'networkDomain' ( and it is set
to a var named 'admin', which is the user name.
So, the first user that is created in a domain that links to LDAP, creates the account within
the domain, and sets the 'networkDomain' field to the username. All next users are created
in the same account.

Then we have the situation that in domain SBP we have a user 'rbergsma' that logs in first,
gets an account created and then (unless you override) all VMs started in the SBP domain will
have network domain 'rbergsma'. That is highly confusing and not what is should be.

linkDomainToLdap api call has no 'networkDomain' field, so I propose to make this field empty
(set it to null). It's a sting and null / empty is allowed.

One can also specify the networkDomain when creating a VPC and also there it is allowed to
be null.

When te networkDomain is needed (and is not set in the domain and not in the VPC) it is constructed
by using guest.domain.suffix so there always is a netWork domain to be used.

It makes more sense to manually set it on a domain level, or specify it on the VPC and in
the final case end up with something that is clearly generated (like cs342cloud.local) rather
than the username of someone else.


Branch: refs/heads/master
Commit: 9e1859ee2bbe82ad742c30cd9ca9aa7393d34f36
Parents: ef115ab
Author: Remi Bergsma <>
Authored: Sun Apr 10 19:50:32 2016 +0200
Committer: Remi Bergsma <>
Committed: Sun Apr 10 19:50:32 2016 +0200

 .../src/org/apache/cloudstack/api/command/ | 2 +-
 .../ldap/src/org/apache/cloudstack/ldap/     | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/plugins/user-authenticators/ldap/src/org/apache/cloudstack/api/command/
index 0ffa840..ae3e706 100644
--- a/plugins/user-authenticators/ldap/src/org/apache/cloudstack/api/command/
+++ b/plugins/user-authenticators/ldap/src/org/apache/cloudstack/api/command/
@@ -82,7 +82,7 @@ public class LinkDomainToLdapCmd extends BaseCmd {
                     if (account == null) {
                         try {
                             UserAccount userAccount = _accountService.createUserAccount(admin,
"", ldapUser.getFirstname(), ldapUser.getLastname(), ldapUser.getEmail(), null,
-                                    admin, Account.ACCOUNT_TYPE_DOMAIN_ADMIN, domainId, admin,
null, UUID.randomUUID().toString(), UUID.randomUUID().toString(), User.Source.LDAP);
+                                    admin, Account.ACCOUNT_TYPE_DOMAIN_ADMIN, domainId, null,
null, UUID.randomUUID().toString(), UUID.randomUUID().toString(), User.Source.LDAP);
                   "created an account with name " + admin + " in
the given domain " + domainId);
                         } catch (Exception e) {
diff --git a/plugins/user-authenticators/ldap/src/org/apache/cloudstack/ldap/
index 7921292..5683b50 100644
--- a/plugins/user-authenticators/ldap/src/org/apache/cloudstack/ldap/
+++ b/plugins/user-authenticators/ldap/src/org/apache/cloudstack/ldap/
@@ -119,7 +119,7 @@ public class LdapAuthenticator extends AdapterBase implements UserAuthenticator
     private void createCloudStackUserAccount(LdapUser user, long domainId, short accountType)
         String username = user.getUsername();
-        _accountManager.createUserAccount(username, "", user.getFirstname(), user.getLastname(),
user.getEmail(), null, username, accountType, domainId, username, null,
+        _accountManager.createUserAccount(username, "", user.getFirstname(), user.getLastname(),
user.getEmail(), null, username, accountType, domainId, null, null,
                                           UUID.randomUUID().toString(), UUID.randomUUID().toString(),

View raw message