Ask Your Question

Revision history [back]

click to hide/show revision 1
initial version

Integrate Active Directory with OpenStack Keystone

I'm new to openstack(version stein). I followed the installation guide that follows:https://docs.openstack.org/fr/install-guide/ . I installed little by little the different services until the end. Now I wish that the users of my ldap sous can connect to openstack. I have for that a windows 2016 server with a ldap (lab.local) installed and secured with ssl so ldaps. To integrate my ldap in keystone, I followed these 2 tutorials: https://www.assistanz.com/active-directory-integrate-keystone/ and https://www.youtube.com/watch?v=Hx8Ic3XDi3c. But arrived at the command : openstack user list --domain LAB, the controller returns me this error: An unexpected error prevented the server from fulfilling your request. (HTTP 500) (Request-ID: req-3ab3004d-7e11-4813-91d4-db736472b12e) So I checked the other openstack commands and they work just like the same command with the default doamine: openstack user list --domain default. So I checked the var /var/log/keystone/keystone.log and I got this error: LDAPServerConnectionError: An unexpected error prevented the server from fulfilling your request. And after looking for the answer to my problem, I used the curl command : curl -v --cacert srvad.lab.local.crt ldaps://srvad.lab.local:636 to check the crt certificate but I get this error: curl (77) problem with the ssl ca cert (path access rights ) REMINDER: ping ip/dns ok