keystone client cannot get users by id when ldap is used and id is not a hash (id == uid in posixAccount)
Bug #1204214 reported by
Adam Tygart
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
python-keystoneclient |
Fix Released
|
High
|
Jamie Lennox | ||
python-openstackclient |
Invalid
|
High
|
Terry Howe |
Bug Description
keystone user-get mozes
should return:
+------
| Property | Value |
+------
| email | <email address hidden> |
| enabled | True |
| id | mozes |
| name | Adam Tygart |
+------
instead returns:
No user with a name or ID of 'mozes' exists.
relevant keystone.conf entry:
[ldap]
use_dumb_member = True
user_allow_create = False
user_allow_update = False
user_allow_delete = False
user_mail_attribute = mail
user_id_attribute = uid
user_name_attribute = cn
user_objectclass = posixAccount
affects: | keystone → python-keystoneclient |
Changed in python-keystoneclient: | |
assignee: | nobody → Adam Tygart (mozes-7) |
status: | New → In Progress |
Changed in python-keystoneclient: | |
milestone: | none → 0.4.0 |
Changed in python-keystoneclient: | |
status: | Fix Committed → Fix Released |
Changed in python-openstackclient: | |
importance: | Undecided → High |
status: | New → Confirmed |
milestone: | none → m2 |
Changed in python-openstackclient: | |
assignee: | nobody → Terry Howe (thowe-g) |
status: | Confirmed → In Progress |
To post a comment you must log in.
assignment/core.py: project_ roles() :
group_ id=x['id' ],
domain_ id=project_ ref['domain_ id'])
def _get_group_
...
metadata_ref = self._get_metadata(
self._get_ metadata( ) gets called with user_id=None
assignment/ backends/ ldap.py: project( tenant_ id) or
user_ id and not self.identity_ api.get_ user(user_ id)):
def _get_metadata():
...
if (not self.get_
self.identity_ api.get_ user(user_ id) raises "user not found" since user_id = None