'openstack user list' is not listing userid correctly in case of LDAP
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Identity (keystone) |
Won't Fix
|
Undecided
|
Unassigned |
Bug Description
The command 'openstack user list' is not listing proper user details when keystone is configured with LDAP.
The user_id_attribute is set to uid but user listing show hash like ids during user listing.
This behavior is seen in Pike release.
keystone.conf
[ldap]
user_id_attribute = uid
user_mail_attribute = mail
user_name_attribute = cn
The First column is ID, it should show the correct ID of user from LDAP based on 'user_id_attribute'
but here is showing hash like id.
[root@a2n1 ~]# openstack user list --domain EXT_USER_DOMAIN
+------
| ID | Name |
+------
| dfda96a70eec870
| 98d8c9a1f148c15
| ee70d65cd729d20
In Mitaka or earlier release, value of ID was coming from LDAP and was correctly shown in ID column of 'openstack user list' output.
The Functionality also seems to broken.
For example, if user has following configuration
[ldap]
user_id_attribute = uid
user_name_attribute = cn
and on LDAP if user has following details
uid=userrw
cn=rwuser
In Mitaka or previous release, all functionality used to work for both ID and Name. Like user was able to user userrw and rwuser for openstack command.
But in pike, openstack commands work only with name attribute. ie rwuser.
Operstack command fails if user try to use userrw in openstack commands. The logs shows user not found errors.