Hi everyone, I'm currently trying to implent a test configuration of keystone using ldap as backend. I've configured everything following those instructions ( http://docs.openstack.org/developer/keystone/configuration.html#configuring-the-ldap-identity-provider), but if I try to create a new tenant named service (keystone tenant-create --name service )the creation fails and I get the following error: An unexpected error prevented the server from fulfilling your request. {'info': 'enabled: attribute type undefined', 'desc': 'Undefined attribute type'} (HTTP 500) Other keystone client commands fail too. According to this post ( http://www.gossamer-threads.com/lists/openstack/dev/12444?do=post_view_threaded)no custom ldap schema should be required. What I'm not sure about is if this is expected behavior (I.E. Does the keystone client only works with a SQL backend?) or do I have some error in my implementation? Also, if the keystone client only works with an SQL backend how should I manage users, roles, tenants etc? Thanks in advance for the help Emanuele -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.openstack.org/pipermail/openstack-operators/attachments/20120712/da094c57/attachment.html>