Hi all, I’m integrating keystone with LDAP, and having “service account” e.g. Nova, keystone etc.. which are in database. As soon as connecting it to ldap all authentication getting failed, how can I have both “service account” and “LDAP users” connected to Keystone? Here is my keystone.conf ################### [ldap] url = ldap://XXXXX user = uid=XXX,cn=sysaccounts,cn=etc,dc=XXX,dc=de password = dkrzprox user_tree_dn = cn=users,cn=accounts,dc=XXX,dc=de user_objectclass = posixAccount user_id_attribute = uid user_name_attribute = uid user_allow_create = false user_allow_update = false user_allow_delete = false group_tree_dn = cn=groups,cn=accounts,dc=XXX,dc=de group_objectclass = groupOfNames group_id_attribute = cn group_name_attribute = cn group_member_attribute = member group_desc_attribute = description group_allow_create = false group_allow_update = false group_allow_delete = false use_pool = true use_auth_pool = true debug_level = 4095 query_scope = sub [identity] driver = ldap ##################### OS: Centos7 OpenStack-Release: Train Any idea or example of options gonna be great! Thank you