openstack group contains user command returns empty on LDAP groups

asked 2018-06-21 11:57:17 -0500

Tyler83 gravatar image

I have a vanilla ocata openstack install.

I setup LDAP in a "users" domain in the openstack install. When I do openstack user list on the domain it pulls the LDAP user list showing its connection is working.

However when I do openstack group contains user for the domain the groups are always empty. I have been searching and can't not find any in depth ideas to trouble shoot the LDAP setup when groups are having problems.

I would apperciate help or if someone can point me in the right direction.

Keystone domain config for users and groups:

user_tree_dn = ou=Users,dc='domainInfo',dc='domainInfo'
user_objectclass = inetOrgPerson
user_name_attribute = uid
user_pass_attribute = userPassword

group_tree_dn = ou=Groups,dc='domainInfo',dc='domainInfo'
group_objectclass = posixGroup
group_name_attribute = cn
group_desc_attribute = cn
group_member_attribute = memberUid
group_members_are_ids = true

edit retag flag offensive close merge delete