Grizzly Keystone report error Code 500 "Internal Server Error" when using keystone user-list via Active Directory server.
Hi all,
I have set up OpenStack Grizzly that depended on https://github.com/mseknibilel/OpenStack-Grizzly-Install-Guide/blob/master/OpenStack_Grizzly_Install_Guide.rst (https://github.com/mseknibilel/OpenSt...)
My active directory server is determined by https://wiki.openstack.org/wiki/HowtoIntegrateKeystonewithAD (https://wiki.openstack.org/wiki/Howto...) . And then I modify the keystone.conf to connect with that.
I fill the attribute as the same as my old keystone.conf which is work before. but there are more added attributes which I don't understand in keystone.conf of Grizzly. So I just leave those attributes there in config.
Now the command keystone endpoint-list, keystone service-list are ok. But I still cannot get user-list, role-list, tenant-list at verison Grizzly. However it is work at old version.
Here is my keystone.conf after modifying for ldap:
[DEFAULT] admin_token = ADMIN log_file = keystone.log log_dir = /var/log/keystone
[sql] connection = mysql://keystoneUser:keystonePass@10.109.37.144/keystone
[identity] driver = keystone.identity.backends.ldap.Identity
default_domain_id = default
[trust] driver = keystone.trust.backends.sql.Trust
enabled = True
[catalog] driver = keystone.catalog.backends.sql.Catalog
[token] driver = keystone.token.backends.sql.Token
[policy] driver = keystone.policy.backends.sql.Policy
[ec2] driver = keystone.contrib.ec2.backends.sql.Ec2
[ssl]
[signing] token_format = UUID
[ldap] url = ldap://10.109.37.118:389 user = cn=administrator,cn=User,dc=npt,dc=sd1 password = cj;5xup2iaixlol suffix = cn=npt,cn=sd1 use_dumb_member = True allow_subtree_delete = False dumb_member = cn=administrator,ou=Users,dc=npt,dc=sd1
page_size = 0
alias_dereferencing = default
query_scope = one
user_tree_dn = cn=Users,dc=npt,dc=sd1 user_filter = user_objectclass = top #user_domain_id_attribute = businessCategory user_id_attribute = cn user_name_attribute = cn user_mail_attribute = email
user_pass_attribute = userPassword
user_enabled_attribute = enabled
user_enabled_mask = 0
user_enabled_default = True
user_attribute_ignore = tenant_id,tenants
user_allow_create = True
user_allow_update = True
user_allow_delete = True
user_enabled_emulation = False
user_enabled_emulation_dn =
tenant_tree_dn = ou=Tenants,dc=npt,dc=sd1
tenant_filter =
tenant_objectclass = top
tenant_domain_id_attribute = businessCategory
tenant_id_attribute = cn tenant_member_attribute = member tenant_name_attribute = cn tenant_desc_attribute = description tenant_enabled_attribute = enabled
tenant_attribute_ignore =
tenant_allow_create = True tenant_allow_update = True tenant_allow_delete = True
tenant_enabled_emulation = False
tenant_enabled_emulation_dn =
role_tree_dn = ou=Roles,dc=npt,dc=sd1
role_filter =
role_objectclass = top role_id_attribute = cn role_name_attribute = cn
role_name_attribute = ou
role_member_attribute = member
role_attribute_ignore =
role_allow_create = True role_allow_update = True role_allow_delete = True
group_tree_dn =
group_filter =
group_objectclass = groupOfNames
group_id_attribute = cn
group_name_attribute = ou
group_member_attribute = member
group_desc_attribute = desc
group_attribute_ignore =
group_allow_create = True
group_allow_update = True
group_allow_delete = True
[auth] methods = password,token password = keystone.auth.plugins.password.Password token = keystone.auth.plugins.token.Token
[filter:debug] paste.filter_factory = keystone.common.wsgi:Debug.factory
[filter:token_auth] paste.filter_factory = keystone.middleware:TokenAuthMiddleware.factory
[filter:admin_token_auth] paste.filter_factory = keystone.middleware:AdminTokenAuthMiddleware.factory
[filter:xml_body] paste.filter_factory = keystone.middleware:XmlBodyMiddleware.factory
[filter:json_body] paste.filter_factory = keystone.middleware:JsonBodyMiddleware.factory
[filter:user_crud_extension] paste.filter_factory = keystone.contrib.user_crud:CrudExtension.factory
[filter:crud_extension] paste.filter_factory = keystone.contrib.admin_crud:CrudExtension.factory
[filter:ec2_extension] paste.filter_factory = keystone.contrib.ec2:Ec2Extension.factory
[filter:s3_extension] paste.filter_factory = keystone.contrib.s3:S3Extension.factory
[filter:url_normalize] paste.filter_factory = keystone.middleware:NormalizingFilter.factory
[filter:sizelimit] paste.filter_factory = keystone.middleware:RequestBodySizeLimiter.factory
[filter:stats_monitoring] paste.filter_factory = keystone.contrib.stats:StatsMiddleware.factory
[filter:stats_reporting] paste.filter_factory = keystone.contrib.stats:StatsExtension.factory
[filter:access_log] paste.filter_factory = keystone.contrib.access:AccessLogMiddleware.factory
[app:public_service] paste ...