incubator-cloudstack-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Chip Childers <chip.child...@sungard.com>
Subject Re: [DISCUSS] Cloudstack to manage User objects in LDAP
Date Wed, 19 Dec 2012 16:47:00 GMT
On Wed, Dec 19, 2012 at 12:59 AM, Manikanta Kattamuri
<manikanta.kattamuri@sungard.com> wrote:
> Hi,
>
> We'd like to be able to have CloudStack manage the user objects from LDAP.
>
> The reason would, be we have a set of other service offerings for the users
> of cloudstack service.
>
> Are there any others facing this type of scenarios and any solutions or
> on-going development to resolve this.
>
> Inputs and thoughts are very much welcome.
>
> Thanks & Regards,
> Manikanta.

So let me add a little color to the problem Mani's talking about
above.  As a cloud provider, we prefer to keep our users within an
OpenLDAP directory.  Lots of reasons for this, but basically it's
because we can have different apps / services authenticating against a
common source.

CloudStack obviously has an LDAP authenticator plugin, but it comes
with the assumption that users / accounts are managed outside of
CloudStack.  We'd like to be able to use the CloudStack UI / API to
manage these user objects, instead of having to stand up an isolated
tool for customers to maintain their accounts.

So I have two questions for the community:

1) Does management of objects in LDAP seem like a reasonable plugin to create?

2) Are there approaches to solving the problem described above that
don't involve creating this plugin (perhaps others have experience
with something similar)?

-chip

Mime
View raw message