LDAP integration with openstack
Radosław Piliszek
radoslaw.piliszek at gmail.com
Tue Feb 2 06:57:55 UTC 2021
On Tue, Feb 2, 2021 at 6:01 AM Midhunlal Nb <midhunlaln66 at gmail.com> wrote:
>
> Hi,
Hi Midhunlal,
> I tried to integrate ldap with my openstack. I followed an openstack
> document and completed the ldap integration,after that I am getting
> a lot of errors,I am not able to run any openstack commands.
> -->I followed below document
> https://docs.openstack.org/keystone/rocky/admin/identity-integrate-with-ldap.html#integrate-identity-backend-ldap
>
> --->I am getting below errors
> root at controller:~/client-scripts# openstack image list
> The request you have made requires authentication. (HTTP 401)
> (Request-ID: req-bdcde4be-5b62-4454-9084-19324603d0ce)
>
> --->so I checked keystone log
>
> POST http://controller:5000/v3/auth/tokens
> 2021-01-29 11:16:36.881 28558 WARNING keystone.auth.plugins.core
> [req-cf013eff-6e1e-43c4-a6ae-9f91f4fe48f9 - - - - -] Could not find
> user: neutron.: UserNotFound: Could not find user: neutron.
> 2021-01-29 11:16:36.881 28558 WARNING keystone.common.wsgi
> [req-cf013eff-6e1e-43c4-a6ae-9f91f4fe48f9 - - - - -] Authorization
> failed. The request you have made requires authentication.
> from192.168.xxx.xx: Unauthorized: The request you have made requires
> authentication.
> 2021-01-29 11:17:22.009 28556 INFO keystone.common.wsgi
> [req-a2a480a7-2ee1-4e11-8a48-dcf93ffb96db - - - - -]
> POSthttp://controller:5000/v3/auth/tokens
> 2021-01-29 11:17:22.039 28556 WARNING keystone.auth.plugins.core
> [req-a2a480a7-2ee1-4e11-8a48-dcf93ffb96db - - - - -] Could not find
> user: placement.: UserNotFound: Could not find user: placement.
That is because, if you switch the main domain from SQL to LDAP, it
will no longer "see" the users defined in the SQL database.
You can either define them again in LDAP or use LDAP with a different domain.
I find the latter a much cleaner solution.
-yoctozepto
More information about the openstack-discuss
mailing list