<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<div class="moz-cite-prefix">On 11/29/2012 11:47 PM, yasith tharindu
wrote:<br>
</div>
<blockquote
cite="mid:CAMpRDc7aT=2+Mk5Y_wLGNKyTMNt1=QBNr8RVbuf4yS9FsHDTwg@mail.gmail.com"
type="cite"><br>
<div class="gmail_quote"><br>
I was trying to enable enable keystone with ldap. but always
return me with a this error. "<b>Error: </b>Invalid user name
or password." and no log trace can be found.<br>
</div>
</blockquote>
<br>
All I can say is it looks correct enough, but you obviosuly have a
problem in your LDAP to Keystone configuration. Authentication to
LDAP is done using a simple bind, based on what you have for the
user_tree_dn. Make sure you can do that same bind from a command
line LDAP tool.<br>
<br>
<blockquote
cite="mid:CAMpRDc7aT=2+Mk5Y_wLGNKyTMNt1=QBNr8RVbuf4yS9FsHDTwg@mail.gmail.com"
type="cite">
<div class="gmail_quote"><br>
my keystone config as following<br>
<br>
<br>
[ldap]<br>
url = <a class="moz-txt-link-freetext" href="ldap://">ldap://</a><a moz-do-not-send="true"
href="http://ldap.example.org" target="_blank">ldap.example.org</a><br>
tree_dn = dc=ldap,dc=example,dc=org<br>
user_tree_dn = ou=user,dc=ldap,dc=example,dc=org<br>
tenant_tree_dn = ou=group,dc=ldap,dc=example,dc=org<br>
user = uid=ldapuser,ou=user,dc=ldap,dc=example,dc=org<br>
password = password<br>
suffix = dc=ldap,dc=example,dc=org<br>
user_name_attribute = uid<br>
<br>
<br>
[identity]<br>
driver = keystone.identity.backends.ldap.Identity<br>
<br>
<br>
<br>
<br>
I have few questions.<br>
<br>
what am i missing here.<br>
what is the purpose of "role_tree_dn" config does that
necessarily needed.<br>
can we enable logs.<br>
there are many groups under tenant_tree_dn do I have to setup
which group to look at.<br>
Is there a sample ldap ldif file and keystone config to loook
at?<br>
<br>
Thanks<span class="HOEnZb"><font color="#888888"><br>
<br clear="all">
<br>
-- <br>
Thanks..<br>
Regards...<br>
<br>
Blog: <a moz-do-not-send="true"
href="http://www.yasith.info" target="_blank">http://www.yasith.info</a><br>
Twitter : <a moz-do-not-send="true"
href="http://twitter.com/yasithnd" target="_blank">http://twitter.com/yasithnd</a><br>
LinkedIn : <a moz-do-not-send="true"
href="http://www.linkedin.com/in/yasithnd" target="_blank">http://www.linkedin.com/in/yasithnd</a><br>
<div>
GPG Key ID : <b>57CEE66E</b></div>
<br>
</font></span></div>
<br>
<br>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
Mailing list: <a class="moz-txt-link-freetext" href="https://launchpad.net/~openstack">https://launchpad.net/~openstack</a>
Post to : <a class="moz-txt-link-abbreviated" href="mailto:openstack@lists.launchpad.net">openstack@lists.launchpad.net</a>
Unsubscribe : <a class="moz-txt-link-freetext" href="https://launchpad.net/~openstack">https://launchpad.net/~openstack</a>
More help : <a class="moz-txt-link-freetext" href="https://help.launchpad.net/ListHelp">https://help.launchpad.net/ListHelp</a>
</pre>
</blockquote>
<br>
</body>
</html>