[Openstack] Problems with OpenStack and LDAP

Marc Pape marc.pape at gmail.com
Mon Aug 17 07:32:12 UTC 2015


Hello everybody,

i've got some problems with our OpenStack (Juno) and the Integrate
Identity Service over LDAP.
The LDAP connection is read only, so i configured the [identity],
[ldap] and [assignment] parts in keystone conf.
The identity part use "driver =
keystone.identity.backends.ldap.Identity" and assignment "driver =
keystone.assignment.backends.sql.Assignment"
Our goal is a user authentication via LDAP and project assignment in
the internal SQL . It would be great if the service users of OpenStack
are also stored in SQL, but they are also currently in the LDAP
deposited.
After restarting the Keystone Service authentication via LDAP is
possible. The user get the message that no projects assigned to him.
Now there are wto problems. How can you log in as admin to assign
projects and keystone said that it couldn't find the service user like
ceilometer, neutron and so on.
I've followed the instructions on docs.openstack.org for Identity
management, but i didn't find any notices about that problems.

Many greetings and thanks for a possible answer

Marc




More information about the Openstack mailing list