If you're using the domain config api via `keystone-manage domain_config_upload, it will fail because [ldap]/group_members_are_ids isn't in the whitelisted options [0]. There doesn't seem to be valid case to not have `CONF [ldap] group_members_are_ids` in the whitelist, as it seems like something that could be different per domain.
If you're using the domain config api via `keystone-manage domain_ config_ upload, it will fail because [ldap]/ group_members_ are_ids isn't in the whitelisted options [0]. There doesn't seem to be valid case to not have `CONF [ldap] group_members_ are_ids` in the whitelist, as it seems like something that could be different per domain.
[0] https:/ /github. com/openstack/ keystone/ blob/b433374130 22583ca2e1c509c 4fd23b384da0b2c /keystone/ resource/ core.py# L894-L917