<div>Hi Team;</div><div><br></div><div><br></div><div>I was trying to configure ldap + keystone but it seems not working.  I feel like authentication is successful but horizon return me python error. Im unable to trace as its does not give any detail.  Following I have attached the error, ldap dump, keystone config. I would really appreciate if you can note me down any configuration error.</div>
<div><br></div><div>My nova version is::   2012.2 (2012.2-LOCALBRANCH:LOCALREVISION)</div><div><br></div><div>If its wrong password it returns, "Invalid user name or password." When type correct credentials but user not in the any of "Group" it return "You are not authorized for any projects." When type correct credentials and the user is a member of a group (eg: cn=demo,ou=Groups,dc=example,dc=com), It returns following error.</div>
<div><br></div><div><br></div><div><br></div><div><br></div><div><br></div><div>################### The error ########################</div><div><br></div><div>KeyError at /auth/login/</div><div>'name'</div><div>Request Method:<span class="Apple-tab-span" style="white-space:pre">        </span>POST</div>
<div>Request URL:<span class="Apple-tab-span" style="white-space:pre">  </span><a href="https://192.168.25.240/auth/login/">https://192.168.25.240/auth/login/</a></div><div>Django Version:<span class="Apple-tab-span" style="white-space:pre">     </span>1.4.1</div>
<div>Exception Type:<span class="Apple-tab-span" style="white-space:pre">       </span>KeyError</div><div>Exception Value:<span class="Apple-tab-span" style="white-space:pre">     </span></div><div>'name'</div><div>Exception Location:<span class="Apple-tab-span" style="white-space:pre">     </span>/usr/lib/python2.7/dist-packages/openstack_auth/user.py in create_user_from_token, line 25</div>
<div>Python Executable:<span class="Apple-tab-span" style="white-space:pre">    </span>/usr/bin/python</div><div>Python Version:<span class="Apple-tab-span" style="white-space:pre">       </span>2.7.3</div><div>Python Path:<span class="Apple-tab-span" style="white-space:pre">    </span></div>
<div>['/usr/share/openstack-dashboard/openstack_dashboard/wsgi/../..',</div><div> '/usr/share/openstack-dashboard/openstack_dashboard',</div><div> '/usr/lib/python2.7',</div><div> '/usr/lib/python2.7/plat-linux2',</div>
<div> '/usr/lib/python2.7/lib-tk',</div><div> '/usr/lib/python2.7/lib-old',</div><div> '/usr/lib/python2.7/lib-dynload',</div><div> '/usr/local/lib/python2.7/dist-packages',</div><div> '/usr/lib/python2.7/dist-packages',</div>
<div> '/usr/lib/pymodules/python2.7',</div><div> '/usr/share/openstack-dashboard/']</div><div><br></div><div><br></div><div>Environment:</div><div><br></div><div><br></div><div>Request Method: POST</div><div>
Request URL: <a href="https://192.168.25.240/auth/login/">https://192.168.25.240/auth/login/</a></div><div><br></div><div>Django Version: 1.4.1</div><div>Python Version: 2.7.3</div><div>Installed Applications:</div><div>('openstack_dashboard',</div>
<div> 'django.contrib.contenttypes',</div><div> 'django.contrib.auth',</div><div> 'django.contrib.sessions',</div><div> 'django.contrib.messages',</div><div> 'django.contrib.staticfiles',</div>
<div> 'django.contrib.humanize',</div><div> 'compressor',</div><div> 'horizon',</div><div> 'horizon.dashboards.nova',</div><div> 'horizon.dashboards.syspanel',</div><div> 'horizon.dashboards.settings',</div>
<div> 'openstack_auth')</div><div>Installed Middleware:</div><div>('django.middleware.common.CommonMiddleware',</div><div> 'django.middleware.csrf.CsrfViewMiddleware',</div><div> 'django.contrib.sessions.middleware.SessionMiddleware',</div>
<div> 'django.contrib.auth.middleware.AuthenticationMiddleware',</div><div> 'django.contrib.messages.middleware.MessageMiddleware',</div><div> 'horizon.middleware.HorizonMiddleware',</div><div> 'django.middleware.doc.XViewMiddleware',</div>
<div> 'django.middleware.locale.LocaleMiddleware')</div><div><br></div><div><br></div><div>Traceback:</div><div>File "/usr/lib/python2.7/dist-packages/django/core/handlers/base.py" in get_response</div><div>
  111.                         response = callback(request, *callback_args, **callback_kwargs)</div><div>File "/usr/lib/python2.7/dist-packages/django/views/decorators/debug.py" in sensitive_post_parameters_wrapper</div>
<div>  69.             return view(request, *args, **kwargs)</div><div>File "/usr/lib/python2.7/dist-packages/django/utils/decorators.py" in _wrapped_view</div><div>  91.                     response = view_func(request, *args, **kwargs)</div>
<div>File "/usr/lib/python2.7/dist-packages/django/views/decorators/cache.py" in _wrapped_view_func</div><div>  89.         response = view_func(request, *args, **kwargs)</div><div>File "/usr/lib/python2.7/dist-packages/openstack_auth/views.py" in login</div>
<div>  50.                        extra_context=extra_context)</div><div>File "/usr/lib/python2.7/dist-packages/django/views/decorators/debug.py" in sensitive_post_parameters_wrapper</div><div>  69.             return view(request, *args, **kwargs)</div>
<div>File "/usr/lib/python2.7/dist-packages/django/utils/decorators.py" in _wrapped_view</div><div>  91.                     response = view_func(request, *args, **kwargs)</div><div>File "/usr/lib/python2.7/dist-packages/django/views/decorators/cache.py" in _wrapped_view_func</div>
<div>  89.         response = view_func(request, *args, **kwargs)</div><div>File "/usr/lib/python2.7/dist-packages/django/contrib/auth/views.py" in login</div><div>  36.         if form.is_valid():</div><div>File "/usr/lib/python2.7/dist-packages/django/forms/forms.py" in is_valid</div>
<div>  124.         return self.is_bound and not bool(self.errors)</div><div>File "/usr/lib/python2.7/dist-packages/django/forms/forms.py" in _get_errors</div><div>  115.             self.full_clean()</div><div>
File "/usr/lib/python2.7/dist-packages/django/forms/forms.py" in full_clean</div><div>  271.         self._clean_form()</div><div>File "/usr/lib/python2.7/dist-packages/django/forms/forms.py" in _clean_form</div>
<div>  299.             self.cleaned_data = self.clean()</div><div>File "/usr/lib/python2.7/dist-packages/django/views/decorators/debug.py" in sensitive_variables_wrapper</div><div>  34.             return func(*args, **kwargs)</div>
<div>File "/usr/lib/python2.7/dist-packages/openstack_auth/forms.py" in clean</div><div>  57.                                            auth_url=region)</div><div>File "/usr/lib/python2.7/dist-packages/django/contrib/auth/__init__.py" in authenticate</div>
<div>  45.             user = backend.authenticate(**credentials)</div><div>File "/usr/lib/python2.7/dist-packages/openstack_auth/backend.py" in authenticate</div><div>  113.         user = create_user_from_token(request, token, client.management_url)</div>
<div>File "/usr/lib/python2.7/dist-packages/openstack_auth/user.py" in create_user_from_token</div><div>  25.                 tenant_name=token.tenant['name'],</div><div><br></div><div>Exception Type: KeyError at /auth/login/</div>
<div>Exception Value: 'name'</div><div><br></div><div><br></div><div><br></div><div><br></div><div>########################My LDAP dump #####################</div><div>dn: dc=example,dc=com</div><div>objectClass: top</div>
<div>objectClass: dcObject</div><div>objectClass: organization</div><div>o: example Inc</div><div>dc: example</div><div>structuralObjectClass: organization</div><div><br></div><div><br></div><div>dn: cn=admin,dc=example,dc=com</div>
<div>objectClass: simpleSecurityObject</div><div>objectClass: organizationalRole</div><div>cn: admin</div><div>description: LDAP administrator</div><div>userPassword:: e1NTSEF9cGgrencraEZDWlFDNmR2bmEyM2kyb2RVWXdsK0FlSWg=</div>
<div><br></div><div>dn: ou=Groups,dc=example,dc=com</div><div>ou: groups</div><div>objectClass: organizationalUnit</div><div><br></div><div><br></div><div><br></div><div>dn: ou=Users,dc=example,dc=com</div><div>ou: users</div>
<div>objectClass: organizationalUnit</div><div><br></div><div><br></div><div>dn: ou=Roles,dc=example,dc=com</div><div>ou: roles</div><div>objectClass: organizationalUnit</div><div>dn: cn=yasith,ou=Users,dc=example,dc=com</div>
<div>cn: yasith</div><div>displayName: yasith</div><div>givenName: yasith</div><div>mail: <a href="mailto:yasith@example.com">yasith@example.com</a></div><div>objectClass: inetOrgPerson</div><div>objectClass: top</div><div>
sn: yasith</div><div>uid: yasith</div><div>userPassword:: YWJjMTIz</div><div><br></div><div>dn: cn=demo,ou=Users,dc=example,dc=com</div><div>cn: demo</div><div>displayName: demo</div><div>givenName: demo</div><div>mail: <a href="mailto:demo@example.com">demo@example.com</a></div>
<div>objectClass: inetOrgPerson</div><div>objectClass: top</div><div>sn: demo</div><div>uid: demo</div><div>userPassword:: YWJjMTIz</div><div><br></div><div>dn: cn=tharindu,ou=Users,dc=example,dc=com</div><div>cn: tharindu</div>
<div>displayName: tharindu</div><div>givenName: tharindu</div><div>mail: <a href="mailto:tharindu@example.com">tharindu@example.com</a></div><div>objectClass: inetOrgPerson</div><div>objectClass: top</div><div>sn: tharindu</div>
<div>uid: tharindu</div><div>userPassword:: YWJjMTIz</div><div><br></div><div>dn: cn=demo,ou=Groups,dc=example,dc=com</div><div>cn: demo</div><div>member: cn=demo,ou=Users,dc=example,dc=com</div><div>member: cn=yasith,ou=Users,dc=example,dc=com</div>
<div>objectClass: groupOfNames</div><div><br></div><div><br></div><div>dn: cn=Member,ou=Roles,dc=example,dc=com</div><div>cn: member</div><div>description: Role associated with openstack users</div><div>objectClass: organizationalRole</div>
<div>roleOccupant: cn=demo,ou=Users,dc=example,dc=com</div><div><br></div><div><br></div><div><br></div><div><br></div><div><br></div><div>######### Keystone Config #######################################</div><div><br></div>
<div><br></div><div>[ldap]</div><div>url = ldap://<a href="http://10.100.0.10">10.100.0.10</a></div><div>tree_dn = dc=example,dc=com</div><div>user_tree_dn = ou=Users,dc=example,dc=com</div><div>role_tree_dn = ou=Roles,dc=example,dc=com</div>
<div>tenant_tree_dn = ou=Groups,dc=example,dc=com</div><div>user = cn=admin,dc=example,dc=com</div><div>password = admin123</div><div>suffix = cn=example,cn=com</div><div><br></div><div>[identity]</div><div>driver = keystone.identity.backends.ldap.Identity</div>
<div><br></div><div><br></div><div>[catalog]</div><div>driver = keystone.catalog.backends.sql.Catalog</div><div><br></div><div>[token]</div><div>driver = keystone.token.backends.sql.Token</div><div><br></div>