On Tue, Feb 2, 2021 at 6:01 AM Midhunlal Nb <midhunlaln66@gmail.com> wrote:

Hi,

Hi Midhunlal,

I tried to integrate ldap with my openstack. I followed an openstack document and completed the ldap integration,after that I am getting a lot of errors,I am not able to run any openstack commands. -->I followed below document https://docs.openstack.org/keystone/rocky/admin/identity-integrate-with-ldap...

--->I am getting below errors root@controller:~/client-scripts# openstack image list The request you have made requires authentication. (HTTP 401) (Request-ID: req-bdcde4be-5b62-4454-9084-19324603d0ce)

--->so I checked keystone log

POST http://controller:5000/v3/auth/tokens 2021-01-29 11:16:36.881 28558 WARNING keystone.auth.plugins.core [req-cf013eff-6e1e-43c4-a6ae-9f91f4fe48f9 - - - - -] Could not find user: neutron.: UserNotFound: Could not find user: neutron. 2021-01-29 11:16:36.881 28558 WARNING keystone.common.wsgi [req-cf013eff-6e1e-43c4-a6ae-9f91f4fe48f9 - - - - -] Authorization failed. The request you have made requires authentication. from192.168.xxx.xx: Unauthorized: The request you have made requires authentication. 2021-01-29 11:17:22.009 28556 INFO keystone.common.wsgi [req-a2a480a7-2ee1-4e11-8a48-dcf93ffb96db - - - - -] POSthttp://controller:5000/v3/auth/tokens 2021-01-29 11:17:22.039 28556 WARNING keystone.auth.plugins.core [req-a2a480a7-2ee1-4e11-8a48-dcf93ffb96db - - - - -] Could not find user: placement.: UserNotFound: Could not find user: placement.

That is because, if you switch the main domain from SQL to LDAP, it will no longer "see" the users defined in the SQL database. You can either define them again in LDAP or use LDAP with a different domain. I find the latter a much cleaner solution. -yoctozepto