Comment 6 for bug 1704205

If we want to enforce the requirement of names, and a valid attribute mapping in case of LDAP deployments, do we bother with a fix? Having conditionals around an attribute keystone requires to be present seems like a contradiction. A fix here will also prolong proper configuration (of LDAP, not keystone).

Another possible route would be to document a way to do this on the LDAP side. If an LDAP deployment doesn't have a consistent attribute to use for names, then couldn't they iterate through all their users and create an attribute specifically for it (e.g. openstack-name)?