docs: Clarify lack of LDAP assignment back end

The LDAP assignment backend was removed in Mitaka(!) [1] and should no longer be referenced. Change-Id: I14a4d7fdbaee81792a1ccf9b3bcf5f2d8e237da5
2023-07-04 13:37:36 +01:00 · 2023-07-04 13:37:36 +01:00 · dabaef7c33
parent a2f0236e81
commit dabaef7c33
1 changed files with 4 additions and 12 deletions
--- a/doc/source/admin/integrate-with-ldap.inc
+++ b/doc/source/admin/integrate-with-ldap.inc
@ -17,20 +17,12 @@ authorization (using the *assignment* feature). OpenStack Identity only
 supports read-only LDAP integration.

 The *identity* feature enables administrators to manage users and groups
-by each domain or the OpenStack Identity service entirely.
+by each domain or the OpenStack Identity service entirely. This is
+supported by the LDAP identity back end.

 The *assignment* feature enables administrators to manage project role
-authorization using the OpenStack Identity service SQL database, while
-providing user authentication through the LDAP directory.
-
-.. NOTE::
-
-    It is possible to isolate identity related information to LDAP in a
-    deployment and keep resource information in a separate datastore. It is not
-    possible to do the opposite, where resource information is stored in LDAP
-    and identity information is stored in SQL. If the resource or assignment
-    back ends are integrated with LDAP, the identity back end must also be
-    integrated with LDAP.
+authorization using the OpenStack Identity service SQL database. There
+is no assignment back end for LDAP.

 Identity LDAP server set up
 ---------------------------