Ask Your Question
0

openstack group list returns sometimes empty list with LDAP

asked 2019-09-02 10:46:20 -0500

smutel gravatar image

Hello,

Our domain is setup with LDAP groups.
Sometimes the command openstack group list returns empty result without any error (just one blank line).
Sometimes the command returns the list of groups.
I sourced the same openstack config files.
The error appears randomly when I type the command several times.

Any idea where this could come from ?

Thanks.

edit retag flag offensive close merge delete

Comments

To me it sounds like a network issue, but have you tried running openstack --debug group list and compare the output from a successful command vs. an empty response?

eblock gravatar imageeblock ( 2019-09-04 04:09:42 -0500 )edit
add a comment

1 answer

Sort by ยป oldest newest most voted
0

answered 2019-09-04 04:34:25 -0500

smutel gravatar image

Hello,

I answer to my own question.
LDAP is reachable from a VIP round robin to several LDAP server.
In one server a LDAP rule denied the access for the user to the openstack specific OU.
We changed the rule and now it works fine.

Thanks.

edit flag offensive delete link more
add a comment

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

subscribe to rss feed

Stats

Asked: 2019-09-02 10:20:34 -0500

Seen: 11 times

Last updated: Sep 02

Related questions

Keystone: Users with underscore do not show up in user-list

Revoke tokens for user disabled in LDAP

Hi everyone I'm trying to do Keystone OpenStack ocata with an active directory but facing issue "An unexpected error prevented the server from fulfilling your request. (HTTP 500)"

openldap integration with keystone for authentication

How to integrate identity with ldap ?

authentication with LDAP error

how can i integrate active directory in openstack using keystone ? [closed]

openstack group contains user command returns empty on LDAP groups

(juno) Keystone Active Directory LDAP Connection problem

Keystone AD unable to login INVALID_CREDENTIALS