I’m integrating Keystone with LDAP, and I have “service accounts” (e.g. nova, keystone, etc.) which are stored in the database.
As soon as I connect Keystone to LDAP, all authentication fails. How can I have both the “service accounts” and the LDAP users connected to Keystone?
# Keystone [ldap] section as posted: settings for the LDAP identity backend.
# The LDAP server `url` and the `[identity] driver` setting are not shown in
# this excerpt.
# NOTE(review): if this section sits in the main keystone.conf with the LDAP
# identity driver enabled globally, users held only in the SQL backend
# (the service accounts) would no longer be found -- presumably the cause of
# the failures described; confirm against the full config. Keystone's
# domain-specific drivers (`[identity] domain_specific_drivers_enabled` and
# `domain_config_dir`, with this section moved into a per-domain
# keystone.<domain_name>.conf) let one domain use LDAP while the default
# domain stays on SQL.
# NOTE(review): no `use_tls` / `tls_cacertfile` / `tls_req_cert` options are
# visible here. Confirm the connection uses ldaps:// or StartTLS so that the
# bind password and end-user passwords are not sent to the directory in clear.
[ldap]
# Bind DN and password Keystone uses for its own directory queries.
# The password is stored in cleartext: keep this file readable only by the
# keystone service user, use a bind account with read-only rights, and treat
# any value that has been published (as in this post) as exposed and rotate it.
user = uid=XXX,cn=sysaccounts,cn=etc,dc=XXX,dc=de
password = dkrzprox
# Where user entries live and which attributes map to the Keystone user id
# and name (both mapped to `uid` here).
user_tree_dn = cn=users,cn=accounts,dc=XXX,dc=de
user_objectclass = posixAccount
user_id_attribute = uid
user_name_attribute = uid
# Keystone is not allowed to create, update or delete user entries:
# the directory is used read-only for users.
user_allow_create = false
user_allow_update = false
user_allow_delete = false
# Where group entries live and how group id, name, membership and
# description are read from them.
group_tree_dn = cn=groups,cn=accounts,dc=XXX,dc=de
group_objectclass = groupOfNames
group_id_attribute = cn
group_name_attribute = cn
group_member_attribute = member
group_desc_attribute = description
# Groups are likewise read-only from Keystone's side.
group_allow_create = false
group_allow_update = false
group_allow_delete = false
# Connection pooling for Keystone's own queries (use_pool) and for the
# binds performed when end users authenticate (use_auth_pool).
use_pool = true
use_auth_pool = true
# LDAP library debug bitmask; 4095 turns on very verbose tracing.
# NOTE(review): trace output at this level may include bind DNs and other
# sensitive request data in the logs -- useful while troubleshooting, but set
# it back to 0 afterwards and protect any logs captured in the meantime.
debug_level = 4095
# Search the whole subtree below the user/group tree DNs, not just one level.
query_scope = sub