yahoo-eng-team team mailing list archive

Thread
Date

[Bug 1408845] Re: Disabling user in ldap breaks user-list for project

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: Launchpad Bug Tracker <1408845@xxxxxxxxxxxxxxxxxx>
Date: Tue, 19 May 2015 04:17:31 -0000
Reply-to: Bug 1408845 <1408845@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

[Expired for Keystone because there has been no activity for 60 days.]

** Changed in: keystone
       Status: Incomplete => Expired

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to Keystone.
https://bugs.launchpad.net/bugs/1408845

Title:
  Disabling user in ldap breaks user-list for project

Status in OpenStack Identity (Keystone):
  Expired

Bug description:
  Disabling user in ldap brakes user-list for project.

  Step to reproduce.

  * create a "testuser" user in ldap backend for keystone.
  * check that user exist in user list.
  * assign some role to this user in any test project.
  * check that this user appear in keystone user-list --tenant_id=testtenantid
  * disable this user in ldap or remove it from the group.
  * the user will disappear from user list but the command keystone user-list --tenant_id=testtenantid will return "User "testuser" not found." error in api and in keystone error log.

  The workaround is to remove  role for user from user_project_metadata
  table in keystone database.

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1408845/+subscriptions

References

[Bug 1408845] [NEW] Disabling user in ldap brakes user-list for project
From: Oleksii Aleksieiev, 2015-01-09