Fixes Bug1130377 devstack ldap set values in keystone.conf

Addressed reviewers comments and added some extra properties
needed by latest version of keystone.
This fix sets some needed values in keystone.conf to ensure
that keystone can add entries to LDAP and remain schema
compliant.  It creates a new special role (_member_) that
is needed by the latest version of keystone and also
fixes tenant_id to be tenantId.

Change-Id: Ia2a1ebb7cbedb0af106c74aa9181843cc9739f5d

files/ldap/openstack.ldif

@@ -19,3 +19,8 @@ ou: Roles
 dn: ou=Projects,dc=openstack,dc=org
 objectClass: organizationalUnit
 ou: Projects
+
+dn: cn=9fe2ff9ee4384b1894a90878d3e92bab,ou=Roles,dc=openstack,dc=org
+objectClass: organizationalRole
+ou: _member_
+cn: 9fe2ff9ee4384b1894a90878d3e92bab

lib/keystone

@@ -99,6 +99,16 @@ function configure_keystone() {
         iniset $KEYSTONE_CONF ldap password  $LDAP_PASSWORD
         iniset $KEYSTONE_CONF ldap user "dc=Manager,dc=openstack,dc=org"
         iniset $KEYSTONE_CONF ldap suffix "dc=openstack,dc=org"
+        iniset $KEYSTONE_CONF ldap use_dumb_member "True"
+        iniset $KEYSTONE_CONF ldap user_attribute_ignore "enabled,email,tenants,tenantId"
+        iniset $KEYSTONE_CONF ldap tenant_attribute_ignore "enabled"
+        iniset $KEYSTONE_CONF ldap tenant_domain_id_attribute "businessCategory"
+        iniset $KEYSTONE_CONF ldap tenant_desc_attribute "description"
+        iniset $KEYSTONE_CONF ldap tenant_tree_dn "ou=Projects,dc=openstack,dc=org"
+        iniset $KEYSTONE_CONF ldap user_domain_id_attribute "businessCategory"
+        iniset $KEYSTONE_CONF ldap user_tree_dn "ou=Users,dc=openstack,dc=org"
+        iniset $KEYSTONE_CONF DEFAULT member_role_id "9fe2ff9ee4384b1894a90878d3e92bab"
+        iniset $KEYSTONE_CONF DEFAULT member_role_name "_member_"
     fi
 
     if [[  "$KEYSTONE_IDENTITY_BACKEND" == "ldap"  ]]; then