keystone user-list with ldap showing local users

asked 2014-06-10 23:42:38 -0500

tizy

Hi, we are trying to integrate with our corporate LDAP. So, instead of trying to integrate directly, we created a sample Active Directory with the same OU structure as per the OpenStack documentation. OU=Openstack OU=Project --> OU=admin, OU=services 2. OU=Roles. Inside the admin OU there are two users, AdminUser and DemoUser, with admin roles. We changed the keystone.conf file to set the identity driver to ldap and changed the [ldap] section to point to these OU structures in the user_tree_dn, tenant_tree_dn and role_tree_dn sections.

Restarted the keystone service and set the environment variables to the credentials of a user in LDAP. When keystone user-list is called, it shows only the users stored in the local SQL. If we again give keystone-user-list, it shows Could not find user. We are struggling with this random behavior of the keystone user-list command. Please help on why it is showing such random behaviour and not listing LDAP users, whereas it lists local users even though identity is changed to ldap.

We have the deployment on Havana version using Fuel v4.0. It is running the nova-network networking service. The keystone api is of version 2.0.

Thanks,

