openstack team mailing list archive

Configuring keystone with ldap

 

I was trying to enable keystone with LDAP, but it always returns this
error: "Error: Invalid user name or password." and no log trace
can be found.

My keystone config is as follows:


[ldap]
url = ldap://ldap.example.org
tree_dn = dc=ldap,dc=example,dc=org
user_tree_dn = ou=user,dc=ldap,dc=example,dc=org
tenant_tree_dn = ou=group,dc=ldap,dc=example,dc=org
user = uid=ldapuser,ou=user,dc=ldap,dc=example,dc=org
password = password
suffix = dc=ldap,dc=example,dc=org
user_name_attribute = uid


[identity]
driver = keystone.identity.backends.ldap.Identity




I have a few questions.

What am I missing here?
What is the purpose of the "role_tree_dn" config? Is it necessarily needed?
Can we enable logs?
There are many groups under tenant_tree_dn. Do I have to set up which group
to look at?
Is there a sample LDAP LDIF file and keystone config to look at?

Thanks


-- 
Thanks..
Regards...

Blog: http://www.yasith.info
Twitter : http://twitter.com/yasithnd
LinkedIn : http://www.linkedin.com/in/yasithnd
GPG Key ID : *57CEE66E*
