<html>

  <head>

    <meta content="text/html; charset=ISO-8859-1"

      http-equiv="Content-Type">

  </head>

  <body text="#000000" bgcolor="#FFFFFF">

    <div class="moz-cite-prefix">On 08/17/2012 05:47 PM, Dolph Mathews

      wrote:<br>

    </div>

    <blockquote

cite="mid:CACgyLQbyJe1CK2gi6+j3dme3Ls3hpSGJCFsL6s8OfwgWr7RDbg@mail.gmail.com"

      type="cite">The admin_token value from keystone.conf is not a real

      token; it exists as a string in memory and has no context, user or

      actual roles associated with it (hence it does not appear in your

      token table).</blockquote>

    <br>

    <br>

    Please try the steps here instead: <br>

    <br>

    <a class="moz-txt-link-freetext" href="https://access.redhat.com/knowledge/docs/Red_Hat_OpenStack_Preview/">https://access.redhat.com/knowledge/docs/Red_Hat_OpenStack_Preview/</a><br>

    <br>

    bascially, try export SERVICE_TOKEN=<admin_token string from

    keystone.conf>  instead<br>

    <br>

    --token is not the same as SERVICE_TOKEN<br>

    <br>

    <blockquote

cite="mid:CACgyLQbyJe1CK2gi6+j3dme3Ls3hpSGJCFsL6s8OfwgWr7RDbg@mail.gmail.com"

      type="cite">

      <div><br>

      </div>

      <div>As for your actual issue, I don't see anything obviously

        wrong with what's below. Is logging enabled & working,

        otherwise? Have you tried "verbose = True" and "debug = True"?

        Have you tried running that command from the compute node

        itself, rather than over the internet IP? What happens when you

        curl / GET / whatever <a class="moz-txt-link-freetext" href="http://">http://</a><internet_ip of the controller

        node>:35357/v2.0 and/or <a moz-do-not-send="true"

          href="http://127.0.0.1:35357/v2.0">http://127.0.0.1:35357/v2.0</a>

        ?</div>

      <div><br>

      </div>

      <div>-Dolph<br>

        <br>

        <div class="gmail_quote">On Fri, Aug 17, 2012 at 3:26 PM, Xin

          Zhao <span dir="ltr"><<a moz-do-not-send="true"

              href="mailto:xzhao@bnl.gov" target="_blank">xzhao@bnl.gov</a>></span>

          wrote:<br>

          <blockquote class="gmail_quote" style="margin:0 0 0

            .8ex;border-left:1px #ccc solid;padding-left:1ex">

            Hello,<br>

            <br>

            I newly install keystone on the RHEL6 machine, but it is not

            working. The following command fails:<br>

            <br>

            $ keystone --token <admin_token string from

            keystone.conf> --endpoint <a class="moz-txt-link-freetext" href="http://">http://</a><internet_ip of the

            controller node>:35357/v2.0 tenant-create --name

            openstackDemo --description "Default Tenant" --enabled true<br>

            <br>

            Unable to communicate with identity service: (403,

            'Forbidden'). (HTTP 400)<br>

            <br>

            There is no relevant log in the keystone.log file.<br>

            <br>

            Here is the instruction I follow:<br>

            <a moz-do-not-send="true"

href="http://docs.openstack.org/essex/openstack-compute/install/yum/content/setting-up-tenants-users-and-roles.html"

              target="_blank">http://docs.openstack.org/essex/openstack-compute/install/yum/content/setting-up-tenants-users-and-roles.html</a><br>

            <br>

            This is done on the controller node itself. I can telnet to

            <internet_ip of the controller node>:35357. I can also<br>

            log into mysql DB as keystone user, although there is no

            <admin_token> entry in any of the keystone tables.<br>

            <br>

            Any idea what is going wrong here?<br>

            <br>

            Thanks,<br>

            Xin<br>

            <br>

            <br>

            _______________________________________________<br>

            Mailing list: <a moz-do-not-send="true"

              href="https://launchpad.net/%7Eopenstack" target="_blank">https://launchpad.net/~openstack</a><br>

            Post to     : <a moz-do-not-send="true"

              href="mailto:openstack@lists.launchpad.net">openstack@lists.launchpad.net</a><br>

            Unsubscribe : <a moz-do-not-send="true"

              href="https://launchpad.net/%7Eopenstack" target="_blank">https://launchpad.net/~openstack</a><br>

            More help   : <a moz-do-not-send="true"

              href="https://help.launchpad.net/ListHelp" target="_blank">https://help.launchpad.net/ListHelp</a><br>

            <br>

          </blockquote>

        </div>

        <br>

      </div>

      <br>

      <fieldset class="mimeAttachmentHeader"></fieldset>

      <br>

      <pre wrap="">_______________________________________________

Mailing list: <a class="moz-txt-link-freetext" href="https://launchpad.net/~openstack">https://launchpad.net/~openstack</a>

Post to     : <a class="moz-txt-link-abbreviated" href="mailto:openstack@lists.launchpad.net">openstack@lists.launchpad.net</a>

Unsubscribe : <a class="moz-txt-link-freetext" href="https://launchpad.net/~openstack">https://launchpad.net/~openstack</a>

More help   : <a class="moz-txt-link-freetext" href="https://help.launchpad.net/ListHelp">https://help.launchpad.net/ListHelp</a>

</pre>

    </blockquote>

    <br>

  </body>

</html>