Fuel Plugins

[plugin ldap] Active Directory requres additional parameter chase_referrals

Bug #1532803 reported by Roman Sokolkov on 2016-01-11

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	Fuel Plugins	Incomplete	High	Max Yatsenko	Fuel Plugins 9.0

Bug Description

Environment: MOS 7.0

This plugin https://github.com/openstack/fuel-plugin-ldap should also have configurable "chase_referrals" parameter.

Which is required in case Active Directory. Usually it should be set to "chase_referrals=0".

By default (if no chase_referrals specified) we'r getting following error:
In order to perform this operation a successful bind must be completed on the connection.

Tags:

Ilya Kutukov (ikutukov) on 2016-01-11

Changed in fuel:
assignee:	nobody → Fuel Plugins Bugs (fuel-plugins-bugs)
assignee:	Fuel Plugins Bugs (fuel-plugins-bugs) → nobody

Alexey Shtokolov (ashtokolov) on 2016-01-11

affects:

fuel → fuel-plugins

Revision history for this message

Irina Povolotskaya (ipovolotskaya) wrote on 2016-01-12:

Ilya, I wonder why customer used the self-built plugin - we got LDAP validated and it's so far published.
Anyway, I've assigned the bug to Max, the plugin maintainer.

tags:	added: ldap
Changed in fuel-plugins:
importance:	Undecided → High
assignee:	nobody → Max Yatsenko (myatsenko)
milestone:	none → 7.0

Max Yatsenko (myatsenko) on 2016-04-11

Changed in fuel-plugins:
milestone:	7.0 → 9.0

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2016-06-14: Related fix proposed to fuel-plugin-ldap (master)

Related fix proposed to branch: master
Review: https://review.openstack.org/329659

Max Yatsenko (myatsenko) on 2016-06-15

Changed in fuel-plugins:
status:	New → In Progress

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2016-06-15: Related fix merged to fuel-plugin-ldap (master)

Reviewed: https://review.openstack.org/329659
Committed: https://git.openstack.org/cgit/openstack/fuel-plugin-ldap/commit/?id=6707739fbe8d2257857fc1fc3a71b5a8812cb86a
Submitter: Jenkins
Branch: master

commit 6707739fbe8d2257857fc1fc3a71b5a8812cb86a
Author: Maksym Yatsenko <email address hidden>
Date: Wed Jun 15 14:13:20 2016 +0300

Add 'chase_referrals' parameter.

its used for overriding the system's default
referral chasing behavior for queries.

Change-Id: Icc207bcc4180b7249e5bf415ce7e661fdaf7ee21
Related-Bug: #1532803

Max Yatsenko (myatsenko) on 2016-06-16

Changed in fuel-plugins:
status:	In Progress → Fix Committed

Revision history for this message

Alexander Petrov (apetrov-n) wrote on 2016-06-23:

I have checked the fix. The parameter has been added to configuration.
Now we can define this parameter in LDAP settings in Fuel Web. But it does not affect my current AD-domain at all. We have env with AD-domain and it works with and without this parameter.
So I need more detailed test case (or steps to reproduce) to make sure that this parameter works.

Changed in fuel-plugins:
status:	Fix Committed → Incomplete

Revision history for this message

Dmitry Dmitriev (dmdmitriev) wrote on 2016-06-30:

I have done a small research about referrals in AD. Additional details can be found here:

https://mirantis.jira.com/browse/PDT-55

My conclusion: customer has a very specific AD configuration which affects Keystone with default chase_referrals option.

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.