yahoo-eng-team team mailing list archive
-
yahoo-eng-team team
-
Mailing list archive
-
Message #78688
[Bug 1831100] [NEW] Keystone + LDAP list users of a group
Public bug reported:
I have created an LDAP group 'group2' and added users to that group.
When I used the ldap search can see the user in the group.
ldapsearch -x -H ldap://localhost -b cn=group2,ou=groups,dc=test,dc=org
-D "cn=admin,dc=test,dc=org" -w admin "(objectClass=posixGroup)" -S
"memberUid"
I then register my LDAP domain with keystone and can see the list of
groups and also see the list of users but when I try to get the list of
users that belong to a group I am getting a 500 Internal Server Error.
The command I used was
openastack user list --domain lldap --group group2 --debug
and the error is as follows:
GET call to identity for http://127.0.0.1:35357/v3/groups/c6c5a4931e70af09259bcc2111ce569ea5cf386ceacfe485faa7a048873fb578/users?domain_id=d2c019644a344302a9302bcf004fd3e3 used request id req-a0cfd301-7d4c-4ce8-ae74-5b81c0b6a6af
Request returned failure status: 500
An unexpected error prevented the server from fulfilling your request. (HTTP 500) (Request-ID: req-a0cfd301-7d4c-4ce8-ae74-5b81c0b6a6af)
Traceback (most recent call last):
File "/usr/lib/python2.7/site-packages/cliff/app.py", line 400, in run_subcommand
result = cmd.run(parsed_args)
File "/usr/lib/python2.7/site-packages/osc_lib/command/command.py", line 41, in run
return super(Command, self).run(parsed_args)
File "/usr/lib/python2.7/site-packages/cliff/display.py", line 116, in run
column_names, data = self.take_action(parsed_args)
File "/usr/lib/python2.7/site-packages/openstackclient/identity/v3/user.py", line 266, in take_action
group=group,
File "/usr/lib/python2.7/site-packages/debtcollector/renames.py", line 43, in decorator
return wrapped(*args, **kwargs)
File "/usr/lib/python2.7/site-packages/keystoneclient/v3/users.py", line 136, in list
**kwargs)
File "/usr/lib/python2.7/site-packages/keystoneclient/base.py", line 75, in func
return f(*args, **new_kwargs)
File "/usr/lib/python2.7/site-packages/keystoneclient/base.py", line 397, in list
self.collection_key)
File "/usr/lib/python2.7/site-packages/keystoneclient/base.py", line 125, in _list
resp, body = self.client.get(url, **kwargs)
File "/usr/lib/python2.7/site-packages/keystoneauth1/adapter.py", line 304, in get
return self.request(url, 'GET', **kwargs)
File "/usr/lib/python2.7/site-packages/keystoneauth1/adapter.py", line 463, in request
resp = super(LegacyJsonAdapter, self).request(*args, **kwargs)
File "/usr/lib/python2.7/site-packages/keystoneauth1/adapter.py", line 189, in request
return self.session.request(url, method, **kwargs)
File "/usr/lib/python2.7/site-packages/osc_lib/session.py", line 40, in request
resp = super(TimingSession, self).request(url, method, **kwargs)
File "/usr/lib/python2.7/site-packages/keystoneauth1/session.py", line 737, in request
raise exceptions.from_response(resp, method, url)
InternalServerError: An unexpected error prevented the server from fulfilling your request. (HTTP 500) (Request-ID: req-a0cfd301-7d4c-4ce8-ae74-5b81c0b6a6af)
clean_up ListUser: An unexpected error prevented the server from fulfilling your request. (HTTP 500) (Request-ID: req-a0cfd301-7d4c-4ce8-ae74-5b81c0b6a6af)
Traceback (most recent call last):
File "/usr/lib/python2.7/site-packages/osc_lib/shell.py", line 134, in run
ret_val = super(OpenStackShell, self).run(argv)
File "/usr/lib/python2.7/site-packages/cliff/app.py", line 279, in run
result = self.run_subcommand(remainder)
File "/usr/lib/python2.7/site-packages/osc_lib/shell.py", line 169, in run_subcommand
ret_value = super(OpenStackShell, self).run_subcommand(argv)
File "/usr/lib/python2.7/site-packages/cliff/app.py", line 400, in run_subcommand
result = cmd.run(parsed_args)
File "/usr/lib/python2.7/site-packages/osc_lib/command/command.py", line 41, in run
return super(Command, self).run(parsed_args)
File "/usr/lib/python2.7/site-packages/cliff/display.py", line 116, in run
column_names, data = self.take_action(parsed_args)
File "/usr/lib/python2.7/site-packages/openstackclient/identity/v3/user.py", line 266, in take_action
group=group,
File "/usr/lib/python2.7/site-packages/debtcollector/renames.py", line 43, in decorator
return wrapped(*args, **kwargs)
File "/usr/lib/python2.7/site-packages/keystoneclient/v3/users.py", line 136, in list
**kwargs)
File "/usr/lib/python2.7/site-packages/keystoneclient/base.py", line 75, in func
return f(*args, **new_kwargs)
File "/usr/lib/python2.7/site-packages/keystoneclient/base.py", line 397, in list
self.collection_key)
File "/usr/lib/python2.7/site-packages/keystoneclient/base.py", line 125, in _list
resp, body = self.client.get(url, **kwargs)
File "/usr/lib/python2.7/site-packages/keystoneauth1/adapter.py", line 304, in get
return self.request(url, 'GET', **kwargs)
File "/usr/lib/python2.7/site-packages/keystoneauth1/adapter.py", line 463, in request
resp = super(LegacyJsonAdapter, self).request(*args, **kwargs)
File "/usr/lib/python2.7/site-packages/keystoneauth1/adapter.py", line 189, in request
return self.session.request(url, method, **kwargs)
File "/usr/lib/python2.7/site-packages/osc_lib/session.py", line 40, in request
resp = super(TimingSession, self).request(url, method, **kwargs)
File "/usr/lib/python2.7/site-packages/keystoneauth1/session.py", line 737, in request
raise exceptions.from_response(resp, method, url)
InternalServerError: An unexpected error prevented the server from fulfilling your request. (HTTP 500) (Request-ID: req-a0cfd301-7d4c-4ce8-ae74-5b81c0b6a6af)
I am using centos-release-openstack-queens (Queens version of openstack)
and openstack-keystone-13.0.1
** Affects: keystone
Importance: Undecided
Status: New
** Description changed:
I have created an LDAP group 'group2' and added users to that group.
When I used the ldap search can see the user in the group.
ldapsearch -x -H ldap://localhost -b cn=group2,ou=groups,dc=test,dc=org
-D "cn=admin,dc=test,dc=org" -w admin "(objectClass=posixGroup)" -S
"memberUid"
+ I then register my LDAP domain with keystone and can see the list of
+ groups and also see the list of users but when I try to get the list of
+ users that belong to a group I am getting a 500 Internal Server Error.
+ The command I used was
- I then register my LDAP domain with keystone and can see the list of groups and also see the list of users but when I try to get the list of users that belong to a group I am getting a 500 Internal Server Error. The command I used was openastack user list --domain lldap --group group2 --debug and the error is as follows:
+ openastack user list --domain lldap --group group2 --debug
+
+ and the error is as follows:
GET call to identity for http://127.0.0.1:35357/v3/groups/c6c5a4931e70af09259bcc2111ce569ea5cf386ceacfe485faa7a048873fb578/users?domain_id=d2c019644a344302a9302bcf004fd3e3 used request id req-a0cfd301-7d4c-4ce8-ae74-5b81c0b6a6af
Request returned failure status: 500
An unexpected error prevented the server from fulfilling your request. (HTTP 500) (Request-ID: req-a0cfd301-7d4c-4ce8-ae74-5b81c0b6a6af)
Traceback (most recent call last):
- File "/usr/lib/python2.7/site-packages/cliff/app.py", line 400, in run_subcommand
- result = cmd.run(parsed_args)
- File "/usr/lib/python2.7/site-packages/osc_lib/command/command.py", line 41, in run
- return super(Command, self).run(parsed_args)
- File "/usr/lib/python2.7/site-packages/cliff/display.py", line 116, in run
- column_names, data = self.take_action(parsed_args)
- File "/usr/lib/python2.7/site-packages/openstackclient/identity/v3/user.py", line 266, in take_action
- group=group,
- File "/usr/lib/python2.7/site-packages/debtcollector/renames.py", line 43, in decorator
- return wrapped(*args, **kwargs)
- File "/usr/lib/python2.7/site-packages/keystoneclient/v3/users.py", line 136, in list
- **kwargs)
- File "/usr/lib/python2.7/site-packages/keystoneclient/base.py", line 75, in func
- return f(*args, **new_kwargs)
- File "/usr/lib/python2.7/site-packages/keystoneclient/base.py", line 397, in list
- self.collection_key)
- File "/usr/lib/python2.7/site-packages/keystoneclient/base.py", line 125, in _list
- resp, body = self.client.get(url, **kwargs)
- File "/usr/lib/python2.7/site-packages/keystoneauth1/adapter.py", line 304, in get
- return self.request(url, 'GET', **kwargs)
- File "/usr/lib/python2.7/site-packages/keystoneauth1/adapter.py", line 463, in request
- resp = super(LegacyJsonAdapter, self).request(*args, **kwargs)
- File "/usr/lib/python2.7/site-packages/keystoneauth1/adapter.py", line 189, in request
- return self.session.request(url, method, **kwargs)
- File "/usr/lib/python2.7/site-packages/osc_lib/session.py", line 40, in request
- resp = super(TimingSession, self).request(url, method, **kwargs)
- File "/usr/lib/python2.7/site-packages/keystoneauth1/session.py", line 737, in request
- raise exceptions.from_response(resp, method, url)
+ File "/usr/lib/python2.7/site-packages/cliff/app.py", line 400, in run_subcommand
+ result = cmd.run(parsed_args)
+ File "/usr/lib/python2.7/site-packages/osc_lib/command/command.py", line 41, in run
+ return super(Command, self).run(parsed_args)
+ File "/usr/lib/python2.7/site-packages/cliff/display.py", line 116, in run
+ column_names, data = self.take_action(parsed_args)
+ File "/usr/lib/python2.7/site-packages/openstackclient/identity/v3/user.py", line 266, in take_action
+ group=group,
+ File "/usr/lib/python2.7/site-packages/debtcollector/renames.py", line 43, in decorator
+ return wrapped(*args, **kwargs)
+ File "/usr/lib/python2.7/site-packages/keystoneclient/v3/users.py", line 136, in list
+ **kwargs)
+ File "/usr/lib/python2.7/site-packages/keystoneclient/base.py", line 75, in func
+ return f(*args, **new_kwargs)
+ File "/usr/lib/python2.7/site-packages/keystoneclient/base.py", line 397, in list
+ self.collection_key)
+ File "/usr/lib/python2.7/site-packages/keystoneclient/base.py", line 125, in _list
+ resp, body = self.client.get(url, **kwargs)
+ File "/usr/lib/python2.7/site-packages/keystoneauth1/adapter.py", line 304, in get
+ return self.request(url, 'GET', **kwargs)
+ File "/usr/lib/python2.7/site-packages/keystoneauth1/adapter.py", line 463, in request
+ resp = super(LegacyJsonAdapter, self).request(*args, **kwargs)
+ File "/usr/lib/python2.7/site-packages/keystoneauth1/adapter.py", line 189, in request
+ return self.session.request(url, method, **kwargs)
+ File "/usr/lib/python2.7/site-packages/osc_lib/session.py", line 40, in request
+ resp = super(TimingSession, self).request(url, method, **kwargs)
+ File "/usr/lib/python2.7/site-packages/keystoneauth1/session.py", line 737, in request
+ raise exceptions.from_response(resp, method, url)
InternalServerError: An unexpected error prevented the server from fulfilling your request. (HTTP 500) (Request-ID: req-a0cfd301-7d4c-4ce8-ae74-5b81c0b6a6af)
clean_up ListUser: An unexpected error prevented the server from fulfilling your request. (HTTP 500) (Request-ID: req-a0cfd301-7d4c-4ce8-ae74-5b81c0b6a6af)
Traceback (most recent call last):
- File "/usr/lib/python2.7/site-packages/osc_lib/shell.py", line 134, in run
- ret_val = super(OpenStackShell, self).run(argv)
- File "/usr/lib/python2.7/site-packages/cliff/app.py", line 279, in run
- result = self.run_subcommand(remainder)
- File "/usr/lib/python2.7/site-packages/osc_lib/shell.py", line 169, in run_subcommand
- ret_value = super(OpenStackShell, self).run_subcommand(argv)
- File "/usr/lib/python2.7/site-packages/cliff/app.py", line 400, in run_subcommand
- result = cmd.run(parsed_args)
- File "/usr/lib/python2.7/site-packages/osc_lib/command/command.py", line 41, in run
- return super(Command, self).run(parsed_args)
- File "/usr/lib/python2.7/site-packages/cliff/display.py", line 116, in run
- column_names, data = self.take_action(parsed_args)
- File "/usr/lib/python2.7/site-packages/openstackclient/identity/v3/user.py", line 266, in take_action
- group=group,
- File "/usr/lib/python2.7/site-packages/debtcollector/renames.py", line 43, in decorator
- return wrapped(*args, **kwargs)
- File "/usr/lib/python2.7/site-packages/keystoneclient/v3/users.py", line 136, in list
- **kwargs)
- File "/usr/lib/python2.7/site-packages/keystoneclient/base.py", line 75, in func
- return f(*args, **new_kwargs)
- File "/usr/lib/python2.7/site-packages/keystoneclient/base.py", line 397, in list
- self.collection_key)
- File "/usr/lib/python2.7/site-packages/keystoneclient/base.py", line 125, in _list
- resp, body = self.client.get(url, **kwargs)
- File "/usr/lib/python2.7/site-packages/keystoneauth1/adapter.py", line 304, in get
- return self.request(url, 'GET', **kwargs)
- File "/usr/lib/python2.7/site-packages/keystoneauth1/adapter.py", line 463, in request
- resp = super(LegacyJsonAdapter, self).request(*args, **kwargs)
- File "/usr/lib/python2.7/site-packages/keystoneauth1/adapter.py", line 189, in request
- return self.session.request(url, method, **kwargs)
- File "/usr/lib/python2.7/site-packages/osc_lib/session.py", line 40, in request
- resp = super(TimingSession, self).request(url, method, **kwargs)
- File "/usr/lib/python2.7/site-packages/keystoneauth1/session.py", line 737, in request
- raise exceptions.from_response(resp, method, url)
+ File "/usr/lib/python2.7/site-packages/osc_lib/shell.py", line 134, in run
+ ret_val = super(OpenStackShell, self).run(argv)
+ File "/usr/lib/python2.7/site-packages/cliff/app.py", line 279, in run
+ result = self.run_subcommand(remainder)
+ File "/usr/lib/python2.7/site-packages/osc_lib/shell.py", line 169, in run_subcommand
+ ret_value = super(OpenStackShell, self).run_subcommand(argv)
+ File "/usr/lib/python2.7/site-packages/cliff/app.py", line 400, in run_subcommand
+ result = cmd.run(parsed_args)
+ File "/usr/lib/python2.7/site-packages/osc_lib/command/command.py", line 41, in run
+ return super(Command, self).run(parsed_args)
+ File "/usr/lib/python2.7/site-packages/cliff/display.py", line 116, in run
+ column_names, data = self.take_action(parsed_args)
+ File "/usr/lib/python2.7/site-packages/openstackclient/identity/v3/user.py", line 266, in take_action
+ group=group,
+ File "/usr/lib/python2.7/site-packages/debtcollector/renames.py", line 43, in decorator
+ return wrapped(*args, **kwargs)
+ File "/usr/lib/python2.7/site-packages/keystoneclient/v3/users.py", line 136, in list
+ **kwargs)
+ File "/usr/lib/python2.7/site-packages/keystoneclient/base.py", line 75, in func
+ return f(*args, **new_kwargs)
+ File "/usr/lib/python2.7/site-packages/keystoneclient/base.py", line 397, in list
+ self.collection_key)
+ File "/usr/lib/python2.7/site-packages/keystoneclient/base.py", line 125, in _list
+ resp, body = self.client.get(url, **kwargs)
+ File "/usr/lib/python2.7/site-packages/keystoneauth1/adapter.py", line 304, in get
+ return self.request(url, 'GET', **kwargs)
+ File "/usr/lib/python2.7/site-packages/keystoneauth1/adapter.py", line 463, in request
+ resp = super(LegacyJsonAdapter, self).request(*args, **kwargs)
+ File "/usr/lib/python2.7/site-packages/keystoneauth1/adapter.py", line 189, in request
+ return self.session.request(url, method, **kwargs)
+ File "/usr/lib/python2.7/site-packages/osc_lib/session.py", line 40, in request
+ resp = super(TimingSession, self).request(url, method, **kwargs)
+ File "/usr/lib/python2.7/site-packages/keystoneauth1/session.py", line 737, in request
+ raise exceptions.from_response(resp, method, url)
InternalServerError: An unexpected error prevented the server from fulfilling your request. (HTTP 500) (Request-ID: req-a0cfd301-7d4c-4ce8-ae74-5b81c0b6a6af)
+
+ I am using centos-release-openstack-queens (Queens version of openstack)
+ and openstack-keystone-13.0.1
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Identity (keystone).
https://bugs.launchpad.net/bugs/1831100
Title:
Keystone + LDAP list users of a group
Status in OpenStack Identity (keystone):
New
Bug description:
I have created an LDAP group 'group2' and added users to that group.
When I used the ldap search can see the user in the group.
ldapsearch -x -H ldap://localhost -b
cn=group2,ou=groups,dc=test,dc=org -D "cn=admin,dc=test,dc=org" -w
admin "(objectClass=posixGroup)" -S "memberUid"
I then register my LDAP domain with keystone and can see the list of
groups and also see the list of users but when I try to get the list
of users that belong to a group I am getting a 500 Internal Server
Error. The command I used was
openastack user list --domain lldap --group group2 --debug
and the error is as follows:
GET call to identity for http://127.0.0.1:35357/v3/groups/c6c5a4931e70af09259bcc2111ce569ea5cf386ceacfe485faa7a048873fb578/users?domain_id=d2c019644a344302a9302bcf004fd3e3 used request id req-a0cfd301-7d4c-4ce8-ae74-5b81c0b6a6af
Request returned failure status: 500
An unexpected error prevented the server from fulfilling your request. (HTTP 500) (Request-ID: req-a0cfd301-7d4c-4ce8-ae74-5b81c0b6a6af)
Traceback (most recent call last):
File "/usr/lib/python2.7/site-packages/cliff/app.py", line 400, in run_subcommand
result = cmd.run(parsed_args)
File "/usr/lib/python2.7/site-packages/osc_lib/command/command.py", line 41, in run
return super(Command, self).run(parsed_args)
File "/usr/lib/python2.7/site-packages/cliff/display.py", line 116, in run
column_names, data = self.take_action(parsed_args)
File "/usr/lib/python2.7/site-packages/openstackclient/identity/v3/user.py", line 266, in take_action
group=group,
File "/usr/lib/python2.7/site-packages/debtcollector/renames.py", line 43, in decorator
return wrapped(*args, **kwargs)
File "/usr/lib/python2.7/site-packages/keystoneclient/v3/users.py", line 136, in list
**kwargs)
File "/usr/lib/python2.7/site-packages/keystoneclient/base.py", line 75, in func
return f(*args, **new_kwargs)
File "/usr/lib/python2.7/site-packages/keystoneclient/base.py", line 397, in list
self.collection_key)
File "/usr/lib/python2.7/site-packages/keystoneclient/base.py", line 125, in _list
resp, body = self.client.get(url, **kwargs)
File "/usr/lib/python2.7/site-packages/keystoneauth1/adapter.py", line 304, in get
return self.request(url, 'GET', **kwargs)
File "/usr/lib/python2.7/site-packages/keystoneauth1/adapter.py", line 463, in request
resp = super(LegacyJsonAdapter, self).request(*args, **kwargs)
File "/usr/lib/python2.7/site-packages/keystoneauth1/adapter.py", line 189, in request
return self.session.request(url, method, **kwargs)
File "/usr/lib/python2.7/site-packages/osc_lib/session.py", line 40, in request
resp = super(TimingSession, self).request(url, method, **kwargs)
File "/usr/lib/python2.7/site-packages/keystoneauth1/session.py", line 737, in request
raise exceptions.from_response(resp, method, url)
InternalServerError: An unexpected error prevented the server from fulfilling your request. (HTTP 500) (Request-ID: req-a0cfd301-7d4c-4ce8-ae74-5b81c0b6a6af)
clean_up ListUser: An unexpected error prevented the server from fulfilling your request. (HTTP 500) (Request-ID: req-a0cfd301-7d4c-4ce8-ae74-5b81c0b6a6af)
Traceback (most recent call last):
File "/usr/lib/python2.7/site-packages/osc_lib/shell.py", line 134, in run
ret_val = super(OpenStackShell, self).run(argv)
File "/usr/lib/python2.7/site-packages/cliff/app.py", line 279, in run
result = self.run_subcommand(remainder)
File "/usr/lib/python2.7/site-packages/osc_lib/shell.py", line 169, in run_subcommand
ret_value = super(OpenStackShell, self).run_subcommand(argv)
File "/usr/lib/python2.7/site-packages/cliff/app.py", line 400, in run_subcommand
result = cmd.run(parsed_args)
File "/usr/lib/python2.7/site-packages/osc_lib/command/command.py", line 41, in run
return super(Command, self).run(parsed_args)
File "/usr/lib/python2.7/site-packages/cliff/display.py", line 116, in run
column_names, data = self.take_action(parsed_args)
File "/usr/lib/python2.7/site-packages/openstackclient/identity/v3/user.py", line 266, in take_action
group=group,
File "/usr/lib/python2.7/site-packages/debtcollector/renames.py", line 43, in decorator
return wrapped(*args, **kwargs)
File "/usr/lib/python2.7/site-packages/keystoneclient/v3/users.py", line 136, in list
**kwargs)
File "/usr/lib/python2.7/site-packages/keystoneclient/base.py", line 75, in func
return f(*args, **new_kwargs)
File "/usr/lib/python2.7/site-packages/keystoneclient/base.py", line 397, in list
self.collection_key)
File "/usr/lib/python2.7/site-packages/keystoneclient/base.py", line 125, in _list
resp, body = self.client.get(url, **kwargs)
File "/usr/lib/python2.7/site-packages/keystoneauth1/adapter.py", line 304, in get
return self.request(url, 'GET', **kwargs)
File "/usr/lib/python2.7/site-packages/keystoneauth1/adapter.py", line 463, in request
resp = super(LegacyJsonAdapter, self).request(*args, **kwargs)
File "/usr/lib/python2.7/site-packages/keystoneauth1/adapter.py", line 189, in request
return self.session.request(url, method, **kwargs)
File "/usr/lib/python2.7/site-packages/osc_lib/session.py", line 40, in request
resp = super(TimingSession, self).request(url, method, **kwargs)
File "/usr/lib/python2.7/site-packages/keystoneauth1/session.py", line 737, in request
raise exceptions.from_response(resp, method, url)
InternalServerError: An unexpected error prevented the server from fulfilling your request. (HTTP 500) (Request-ID: req-a0cfd301-7d4c-4ce8-ae74-5b81c0b6a6af)
I am using centos-release-openstack-queens (Queens version of openstack)
and openstack-keystone-13.0.1
To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1831100/+subscriptions
Follow ups
