We’re running Train on Centos 7, and using Keycloak for auth. After I setup Keycloak, create a user in Keycloak, and then login to Horizon via Keycloak, a user is created in Keystone:

 

| ccb276f4f507fd9f271d629d2ad896d2c97e04f81336cd8c1332f4b2df115ca2 | test              |

 

If I try to address that user by name, I get an error:

 

(openstack) [root@chrnc-area51-build-01 our-ok-kolla-ansible]# os user show test

More than one user exists with the name 'test'.

 

I can address it by id. When I list users, I only see one “test” user.”

 

(openstack) [root@chrnc-area51-build-01 our-ok-kolla-ansible]# os user show ccb276f4f507fd9f271d629d2ad896d2c97e04f81336cd8c1332f4b2df115ca2

+---------------------+------------------------------------------------------------------+

| Field               | Value                                                            |

+---------------------+------------------------------------------------------------------+

| domain_id           | 4678301ef9a24d54bcd2e87a8fbc6872                                 |

| email               | test@example.com                                                 |

 

If I create a second user in Keycloak and login the same way, this doesn’t happen:

 

(openstack) [root@chrnc-area51-build-01 our-ok-kolla-ansible]# os user show test2

+---------------------+------------------------------------------------------------------+

| Field               | Value                                                            |

+---------------------+------------------------------------------------------------------+

| domain_id           | 4678301ef9a24d54bcd2e87a8fbc6872                                 |

| email               | test2@example.com                                                |

 

These 2 users look identical in the database:

 

user:

 

| ccb276f4f507fd9f271d629d2ad896d2c97e04f81336cd8c1332f4b2df115ca2 | {"email": "test@example.com"}        |       1 | NULL                             | 2021-01-22 18:33:20 | NULL           | 4678301ef9a24d54bcd2e87a8fbc6872 |

| f4287b6082b8f36048d052eaa3d35facb94e5eff598d59d2aee68252ddb13339 | {"email": "test2@example.com"}       |       1 | NULL                             | 2021-01-22 21:01:54 | NULL           | 4678301ef9a24d54bcd2e87a8fbc6872 |

 

federated_user:

 

|  6 | ccb276f4f507fd9f271d629d2ad896d2c97e04f81336cd8c1332f4b2df115ca2 | keycloak | openid      | test      | test         |

|  9 | f4287b6082b8f36048d052eaa3d35facb94e5eff598d59d2aee68252ddb13339 | keycloak | openid      | test2     | test2        |

 

Where should I be looking for the cause of this error?

 

 

I apologize for the nonsense below. So far I have not been able to stop it from being attached to my external emails. I'm working on it.

 

The contents of this e-mail message and
any attachments are intended solely for the
addressee(s) and may contain confidential
and/or legally privileged information. If you
are not the intended recipient of this message
or if this message has been addressed to you
in error, please immediately alert the sender
by reply e-mail and then delete this message
and any attachments. If you are not the
intended recipient, you are notified that
any use, dissemination, distribution, copying,
or storage of this message or any attachment
is strictly prohibited.