← Back to team overview

openstack team mailing list archive

Re: Keystone client, user belongs to many tenants?

 

The tenant_id field on user creation is the "default tenant" for the user.

Adding a user to additional tenants is done by granting the user one or more roles on those tenants.

All the best,


-          Gabriel

From: openstack-bounces+gabriel.hurley=nebula.com@xxxxxxxxxxxxxxxxxxx [mailto:openstack-bounces+gabriel.hurley=nebula.com@xxxxxxxxxxxxxxxxxxx] On Behalf Of Joshua Harlow
Sent: Wednesday, May 09, 2012 1:46 PM
To: openstack
Subject: [Openstack] Keystone client, user belongs to many tenants?

A question,

I am using anvil to setup the keystone roles/users/tenants.

It seems like the python keystone  client has the following command:

client.users.create

Which seems to take in the following:

create(self, name, password, email, tenant_id=None, enabled=True):

I would assume a user name can be used in multiple tenants but when I am trying to create a user that spans tenants and it seems like it borks.

ClientException: Conflict occurred attempting to store user. (IntegrityError) (1062, "Duplicate entry 'admin' for key 'name'") 'INSERT INTO user (id, name, extra) VALUES (%s, %s, %s)' ('3e14a9c1fd404c7e81c0dba8bd640575', 'admin', '{"password": "$6$rounds=40000$yX5fL51OyGKjuPjr$8yv.S3GpqsKeaHv4GjNY4YW2vvykWzrEV7RX.qJpyy3CjmyXrZMRRJifEzfa7xv1l.NzoggQBXUAESn3Oqm0x/", "enabled": true, "email": "admin@xxxxxxxxxxx", "tenantId": "d1506184877a449a91fc6adcb553ad97"}') (HTTP 409)

Is this supposed to happen? Is the client supposed to send back this much info also (hashed password??) :-P

Any ideas?

References