keystone user-create error while LDAP assignment [closed]

asked 2015-02-27 09:38:18 -0600

ogzy gravatar image

I have activated Assginment setting at Juno at keystone as below


[identity] 
driver = keystone.identity.backends.ldap.Identity

[assignment] driver = keystone.assignment.backends.sql.Assignment

Installed slapd, entered my domain as foo.com.tr and set an admin passwod during the installation asks me. Then by using the below ldif i added groups, users, projects and tenants to the DIT


dn: ou=Groups,dc=foo,dc=com,dc=tr
objectClass: top objectClass:
organizationalUnit ou: Groups

dn: ou=Users,dc=foo,dc=com,dc=tr objectClass: top objectClass: organizationalUnit ou: Users

dn: ou=Roles,dc=foo,dc=com,dc=tr objectClass: top objectClass: organizationalUnit ou: Roles

dn: ou=Projects,dc=foo,dc=com,dc=tr objectClass: top objectClass: organizationalUnit ou: Projects


$ ldapsearch -x -LLL -H ldap:/// -b dc=foo,dc=com,dc=tr dn
dn: dc=foo,dc=com,dc=tr
dn: cn=admin,dc=foo,dc=com,dc=tr
dn: ou=Groups,dc=foo,dc=com,dc=tr
dn: ou=Users,dc=foo,dc=com,dc=tr
dn: ou=Roles,dc=foo,dc=com,dc=tr
dn: ou=Projects,dc=foo,dc=com,dc=tr

The problem occurs when i try to add a user

Assuming i have sourced the keystone creds


$ keystone user-create --name admin --pass admin --email oguzyarimtepe@gmail.com
WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored).
An unexpected error prevented the server from fulfilling your request: {'info': 'enabled: attribute type undefined', 'desc': 'Undefined attribute type'} (Disable debug mode to suppress these details.) (HTTP 500)

keystone-all.log:


2015-02-27 17:20:26.056 6550 DEBUG keystone.common.ldap.core [-] LDAP init: use_tls=False tls_cacertfile=None tls_cacertdir=None tls_req_cert=2 tls_avail=1 _common_ldap_initialization /usr/lib/python2.7/dist-packages/keystone/common/ldap/core.py:575
2015-02-27 17:20:26.056 6550 DEBUG keystone.common.ldap.core [-] LDAP bind: who=cn=admin,dc=foo,dc=com,dc=tr simple_bind_s /usr/lib/python2.7/dist-packages/keystone/common/ldap/core.py:891
2015-02-27 17:20:26.057 6550 DEBUG keystone.common.ldap.core [-] LDAP add: dn=cn=0f0c832a043f4e9cbd950a172823657b,ou=Users,dc=foo,dc=com,dc=tr attrs=[('objectClass', [u'person', u'inetOrgPerson']), ('mail', [u'oguzyarimtepe@gmail.com']), ('userPassword', ['*']), ('enabled', [u'TRUE']), ('cn', [u'0f0c832a043f4e9cbd950a172823657b']), ('sn', [u'admin'])] add_s /usr/lib/python2.7/dist-packages/keystone/common/ldap/core.py:910
2015-02-27 17:20:26.057 6550 DEBUG keystone.common.ldap.core [-] LDAP unbind unbind_s /usr/lib/python2.7/dist-packages/keystone/common/ldap/core.py:899
2015-02-27 17:20:26.057 6550 ERROR keystone.common.wsgi [-] {'info': 'enabled: attribute type undefined', 'desc': 'Undefined attribute type'}
2015-02-27 17:20:26.057 6550 TRACE keystone.common.wsgi Traceback (most recent call last):
2015-02-27 17:20:26.057 6550 TRACE keystone.common.wsgi   File "/usr/lib/python2.7/dist-packages/keystone/common/wsgi.py", line 223, in __call__
2015-02-27 17:20:26.057 6550 TRACE keystone.common.wsgi     result = method(context, *params)
2015-02-27 17:20:26.057 6550 TRACE keystone.common.wsgi   File "/usr/lib/python2.7/dist-packages/keystone/identity/controllers.py", line 82, in ...
(more)
edit retag flag offensive reopen merge delete

Closed for the following reason duplicate question by mpetason
close date 2015-02-27 10:47:30.203819