yahoo-eng-team team mailing list archive

[Tzach Shefi <tshefi@xxxxxxxxxx>]

Public bug reported:

Running an Icehouse setup, keystone connected to LDAP (Microsoft's AD 2003), doing some house cleaning. 
Keystone user-list gaves a list of users, noticed one old users I'd like to delete. 

Running below with admin user:
# keystone user-delete user1 
You are not authorized to perform the requested action, LDAP user delete. (HTTP 403)

I didn't setup the LDAP connection my self,  it's probably set to ready only. 
How can I remove this user without touching LDAP user, is it even possible? 

Suggest returning a more informative notification: 
 "Keystone configured with LDAP authentication,  please use LDAP to manage users accounts."

** Affects: keystone
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to Keystone.
https://bugs.launchpad.net/bugs/1377840

Title:
  Keystone LDAP delete user -> you are not authorized to perform the
  requested action

Status in OpenStack Identity (Keystone):
  New

Bug description:
  Running an Icehouse setup, keystone connected to LDAP (Microsoft's AD 2003), doing some house cleaning. 
  Keystone user-list gaves a list of users, noticed one old users I'd like to delete. 

  Running below with admin user:
  # keystone user-delete user1 
  You are not authorized to perform the requested action, LDAP user delete. (HTTP 403)

  I didn't setup the LDAP connection my self,  it's probably set to ready only. 
  How can I remove this user without touching LDAP user, is it even possible? 

  Suggest returning a more informative notification: 
   "Keystone configured with LDAP authentication,  please use LDAP to manage users accounts."

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1377840/+subscriptions