From f32def0216b042aa31f4736e9e863cf2332dfbe7 Mon Sep 17 00:00:00 2001
From: Kevin Carter <kevin.carter@rackspace.com>
Date: Sun, 20 Sep 2015 00:02:46 -0500
Subject: [PATCH] Fix for keystone LDAP pkg missing

This change adds the python-ldap package to keystone by default and
improves the conditional by which the ldap domain specific config
drivers are loaded.

Change-Id: Idf85bb109654cbb46755928504d6a19c090a7514
Closes-bug: 1497669
---
 playbooks/roles/os_keystone/defaults/main.yml          | 1 +
 playbooks/roles/os_keystone/templates/keystone.conf.j2 | 2 +-
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/playbooks/roles/os_keystone/defaults/main.yml b/playbooks/roles/os_keystone/defaults/main.yml
index e8ede18c76..f57fb3cc71 100644
--- a/playbooks/roles/os_keystone/defaults/main.yml
+++ b/playbooks/roles/os_keystone/defaults/main.yml
@@ -346,6 +346,7 @@ keystone_pip_packages:
   - pycrypto
   - pysaml2
   - python-keystoneclient
+  - python-ldap
   - python-memcached
   - python-openstackclient
   - repoze.lru
diff --git a/playbooks/roles/os_keystone/templates/keystone.conf.j2 b/playbooks/roles/os_keystone/templates/keystone.conf.j2
index 802904e6f8..60d1611458 100644
--- a/playbooks/roles/os_keystone/templates/keystone.conf.j2
+++ b/playbooks/roles/os_keystone/templates/keystone.conf.j2
@@ -66,7 +66,7 @@ max_active_keys = {{ keystone_fernet_tokens_max_active_keys }}
 
 [identity]
 driver = {{ keystone_identity_driver }}
-{% if keystone_ldap is defined %}
+{% if keystone_ldap is defined and keystone_ldap.ldap %}
 domain_config_dir = {{ keystone_ldap_domain_config_dir }}
 domain_specific_drivers_enabled = True
 {% endif %}