# This is an example template on how to configure keystone domain specific LDAP
# backends. This will configure a domain called tripleoldap will the attributes
# specified.
parameter_defaults:
  KeystoneLDAPDomainEnable: true
  KeystoneLDAPBackendConfigs:
    tripleoldap:
      url: ldap://192.168.24.251
      user: cn=openstack,ou=Users,dc=tripleo,dc=example,dc=com
      password: Secrete
      suffix: dc=tripleo,dc=example,dc=com
      user_tree_dn: ou=Users,dc=tripleo,dc=example,dc=com
      user_filter: "(memberOf=cn=OSuser,ou=Groups,dc=tripleo,dc=example,dc=com)"
      user_objectclass: person
      user_id_attribute: cn
      user_allow_create: false
      user_allow_update: false
      user_allow_delete: false