← Back to team overview

yahoo-eng-team team mailing list archive

[Bug 1231488] Re: ldap config "user_id_attribute" is ignored

 

*** This bug is a duplicate of bug 1361306 ***
    https://bugs.launchpad.net/bugs/1361306

** This bug has been marked a duplicate of bug 1361306
   Keystone doesn't handle user_attribute_id mapping

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to Keystone.
https://bugs.launchpad.net/bugs/1231488

Title:
  ldap config "user_id_attribute" is ignored

Status in OpenStack Identity (Keystone):
  In Progress
Status in Python client library for Keystone:
  Invalid

Bug description:
  I can sucessfully configure keystone LDAP settings and keystone user-
  list works fine. Shows to me id, name, enabled and email correctly.
  But when I do a "keystone user-get foo" the message shows:

  No user with a name or ID of 'foo' exists.

  The configuration file for user and ldap options are:

  ----
  [ldap]
  url = ldap://ldap.my.company.com
  suffix = dc=my,dc=company,dc=com
  objectClass = posixAccount
  user_tree_dn = ou=people,dc=my,dc=company,dc=com
  user_objectclass = posixAccount
  user_unit = "People"
  user_id_attribute = uid
  user_name_attribute = cn
  user_mail_attribute = mail
  user_pass_attribute = userPassword
  user_enabled_attribute = uidNumber
  user_enabled_mask        = 255
  user_enabled_default     = True
  user_attribute_ignore = tenantId,tenants
  user_allow_create = False
  user_allow_update = False
  user_allow_delete = False
  ----

  I dont use Active Directory, so cn (the default user_id_attribute) is
  the full user name and not a login. In my base login is uid.

  If I do a keystone user-get "Full Name of Foo" works fine. But sorry
  if is a mistake of me, but IMHO, should works with user_id_attribute
  configured in config file.

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1231488/+subscriptions