yahoo-eng-team team mailing list archive
-
yahoo-eng-team team
-
Mailing list archive
-
Message #41379
[Bug 1517694] [NEW] delete project fail using ldap backend identity driver
Public bug reported:
delete project fail using ldap backend identity driver
1.In the [identity] section of keystone.conf, replace driver = keystone.identity.backends.sql.Identity with driver = keystone.identity.backends.ldap.Identity.
2.Update the [ldap] section to reflect LDAP server configuration. as follows:
[ldap]
url = ldap://localhost
user = cn=Manager,dc=my-domain,dc=com
password = 123456
suffix = dc=my-domain,dc=com
user_tree_dn = ou=users,dc=my-domain,dc=com
user_objectclass = inetOrgPerson
tenant_tree_dn = ou=projects,dc=my-domain,dc=com
tenant_objectclass=groupOfNames
role_tree_dn = ou=roles,dc=my-domain,dc=com
role_objectclass=organizationalRole
group_tree_dn = ou=groups,dc=my-domain,dc=com
use_dumb_member = True
allow_subtree_delete = True
3. restart keystone
4. create default data like users (e.g. admin), project (e.g. admin project) and role (e.g. admin or member role)
5.delete project ,failure reason as follows
# kestone --debug tenant-delete test
DEBUG:keystoneclient.session:REQ: curl -g -i -X DELETE http://10.43.211.108:35357/v2.0/tenants/a4d874fa21f048cc830ef83296c04e29 -H "User-Agent: python-keystoneclient" -H "Accept: application/json" -H "X-Auth-Token: {SHA1}fcf0bdd1b74b11623c46762555379ed7a1dc80f4"
INFO:requests.packages.urllib3.connectionpool:Starting new HTTP connection (1): 10.43.211.108
DEBUG:requests.packages.urllib3.connectionpool:"DELETE /v2.0/tenants/a4d874fa21f048cc830ef83296c04e29 HTTP/1.1" 404 114
DEBUG:keystoneclient.session:RESP:
DEBUG:keystoneclient.session:Request returned failure status: 404
Could not find role: a4d874fa21f048cc830ef83296c04e29 (HTTP 404) (Request-ID: req-bf6ec82f-27b8-42fe-a020-af94373a620c)
** Affects: keystone
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Identity (keystone).
https://bugs.launchpad.net/bugs/1517694
Title:
delete project fail using ldap backend identity driver
Status in OpenStack Identity (keystone):
New
Bug description:
delete project fail using ldap backend identity driver
1.In the [identity] section of keystone.conf, replace driver = keystone.identity.backends.sql.Identity with driver = keystone.identity.backends.ldap.Identity.
2.Update the [ldap] section to reflect LDAP server configuration. as follows:
[ldap]
url = ldap://localhost
user = cn=Manager,dc=my-domain,dc=com
password = 123456
suffix = dc=my-domain,dc=com
user_tree_dn = ou=users,dc=my-domain,dc=com
user_objectclass = inetOrgPerson
tenant_tree_dn = ou=projects,dc=my-domain,dc=com
tenant_objectclass=groupOfNames
role_tree_dn = ou=roles,dc=my-domain,dc=com
role_objectclass=organizationalRole
group_tree_dn = ou=groups,dc=my-domain,dc=com
use_dumb_member = True
allow_subtree_delete = True
3. restart keystone
4. create default data like users (e.g. admin), project (e.g. admin project) and role (e.g. admin or member role)
5.delete project ,failure reason as follows
# kestone --debug tenant-delete test
DEBUG:keystoneclient.session:REQ: curl -g -i -X DELETE http://10.43.211.108:35357/v2.0/tenants/a4d874fa21f048cc830ef83296c04e29 -H "User-Agent: python-keystoneclient" -H "Accept: application/json" -H "X-Auth-Token: {SHA1}fcf0bdd1b74b11623c46762555379ed7a1dc80f4"
INFO:requests.packages.urllib3.connectionpool:Starting new HTTP connection (1): 10.43.211.108
DEBUG:requests.packages.urllib3.connectionpool:"DELETE /v2.0/tenants/a4d874fa21f048cc830ef83296c04e29 HTTP/1.1" 404 114
DEBUG:keystoneclient.session:RESP:
DEBUG:keystoneclient.session:Request returned failure status: 404
Could not find role: a4d874fa21f048cc830ef83296c04e29 (HTTP 404) (Request-ID: req-bf6ec82f-27b8-42fe-a020-af94373a620c)
To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1517694/+subscriptions
Follow ups
