"Fossies" - the Fresh Open Source Software Archive 
Source code changes of the file "doc/source/admin/domain-specific-config.inc" between
keystone-19.0.0.tar.gz and keystone-19.0.1.tar.gz
About: OpenStack Keystone (Core Service: Identity) provides an authentication and authorization service for other OpenStack services. Provides a catalog of endpoints for all OpenStack services. The "Wallaby" series (maintained release).
| domain-specific-config.inc (keystone-19.0.0) | : | domain-specific-config.inc (keystone-19.0.1) | ||
|---|---|---|---|---|
| skipping to change at line 149 | skipping to change at line 149 | |||
| when it first encounters the entity. If the local ID of the entity is from a | when it first encounters the entity. If the local ID of the entity is from a | |||
| backend that does not guarantee to generate UUIDs, a hash algorithm will | backend that does not guarantee to generate UUIDs, a hash algorithm will | |||
| generate a public ID for that entity, which is what will be exposed by | generate a public ID for that entity, which is what will be exposed by | |||
| keystone. | keystone. | |||
| The use of a hash will ensure that if the public ID needs to be regenerated | The use of a hash will ensure that if the public ID needs to be regenerated | |||
| then the same public ID will be created. This is useful if you are running | then the same public ID will be created. This is useful if you are running | |||
| multiple keystones and want to ensure the same ID would be generated whichever | multiple keystones and want to ensure the same ID would be generated whichever | |||
| server you hit. | server you hit. | |||
| .. NOTE:: | ||||
| In case of the LDAP backend, the names of users and groups are not hashed. | ||||
| As a result, these are length limited to 255 characters. Longer names | ||||
| will result in an error. | ||||
| While keystone will dynamically maintain the identity mapping, including | While keystone will dynamically maintain the identity mapping, including | |||
| removing entries when entities are deleted via the keystone, for those entities | removing entries when entities are deleted via the keystone, for those entities | |||
| in backends that are managed outside of keystone (e.g. a read-only LDAP), | in backends that are managed outside of keystone (e.g. a read-only LDAP), | |||
| keystone will not know if entities have been deleted and hence will continue to | keystone will not know if entities have been deleted and hence will continue to | |||
| carry stale identity mappings in its table. While benign, keystone provides an | carry stale identity mappings in its table. While benign, keystone provides an | |||
| ability for operators to purge the mapping table of such stale entries using | ability for operators to purge the mapping table of such stale entries using | |||
| the keystone-manage command, for example: | the keystone-manage command, for example: | |||
| .. code-block:: bash | .. code-block:: bash | |||
| End of changes. 1 change blocks. | ||||
| 0 lines changed or deleted | 6 lines changed or added | |||