Comment 5 for bug 1157727

No worries, the patch you conflicted with was actually mine, and went in
just a few minutes ahead of yours, so I was happy to resolve it.

-Dolph

On Wed, Mar 20, 2013 at 8:40 PM, Sahdev Zala <email address hidden> wrote:

> Hi Dolph, I had the latest master on my system before I made commit so
> not sure why jenkins complained about "unable to be automatically
> merge..... with patch1" but thank you much for the patch2 and getting
> this into the build.
>
> I read your question about groups, and I did verify before code commit
> that changes pass the full test. Thanks!
>
> --
> You received this bug notification because you are a bug assignee.
> https://bugs.launchpad.net/bugs/1157727
>
> Title:
> ldap backend fails to work with enabled attributes on domains and
> groups
>
> Status in OpenStack Identity (Keystone):
> Fix Committed
>
> Bug description:
> I started working on a separate bug and attempted to run the live ldap
> tests:
>
> PYTHONPATH=. ./run_tests.sh --nologcapture
> _ldap_livetest:LiveLDAPIdentity.test_add_duplicate_role_grant
> test_add_duplicate_role_grant (_ldap_livetest.LiveLDAPIdentity) ... ERROR
>
> ======================================================================
> ERROR: test_add_duplicate_role_grant (_ldap_livetest.LiveLDAPIdentity)
> ----------------------------------------------------------------------
> Traceback (most recent call last):
> File
> "/Users/allan/repos/devstack/stack/keystone/tests/test_backend_ldap.py",
> line 52, in setUp
> self.load_fixtures(default_fixtures)
> File "/Users/allan/repos/devstack/stack/keystone/keystone/test.py",
> line 247, in load_fixtures
> rv = self.identity_api.create_domain(domain['id'], domain)
> File
> "/Users/allan/repos/devstack/stack/keystone/keystone/identity/backends/ldap/core.py",
> line 275, in create_domain
> return self.domain.create(domain)
> File
> "/Users/allan/repos/devstack/stack/keystone/keystone/identity/backends/ldap/core.py",
> line 968, in create
> return super(DomainApi, self).create(data)
> File
> "/Users/allan/repos/devstack/stack/keystone/keystone/common/ldap/core.py",
> line 256, in create
> conn.add_s(self._id_to_dn(values['id']), attrs)
> File
> "/Users/allan/repos/devstack/stack/keystone/keystone/common/ldap/core.py",
> line 384, in add_s
> return self.conn.add_s(dn, ldap_attrs)
> File
> "/Users/allan/repos/devstack/stack/keystone/.venv/lib/python2.7/site-packages/ldap/ldapobject.py",
> line 194, in add_s
> return self.result(msgid,all=1,timeout=self.timeout)
> File
> "/Users/allan/repos/devstack/stack/keystone/.venv/lib/python2.7/site-packages/ldap/ldapobject.py",
> line 422, in result
> res_type,res_data,res_msgid = self.result2(msgid,all,timeout)
> File
> "/Users/allan/repos/devstack/stack/keystone/.venv/lib/python2.7/site-packages/ldap/ldapobject.py",
> line 426, in result2
> res_type, res_data, res_msgid, srv_ctrls =
> self.result3(msgid,all,timeout)
> File
> "/Users/allan/repos/devstack/stack/keystone/.venv/lib/python2.7/site-packages/ldap/ldapobject.py",
> line 432, in result3
> ldap_result = self._ldap_call(self._l.result3,msgid,all,timeout)
> File
> "/Users/allan/repos/devstack/stack/keystone/.venv/lib/python2.7/site-packages/ldap/ldapobject.py",
> line 96, in _ldap_call
> result = func(*args,**kwargs)
> UNDEFINED_TYPE: {'info': 'enabled: attribute type undefined', 'desc':
> 'Undefined attribute type'}
>
> ----------------------------------------------------------------------
> Ran 1 test in 0.088s
>
> FAILED (errors=1)
>
> This is the same problem that was solved in earlier changes via
> enabled emulation. The tenant and user objects both take this into
> account. A workaround to get live ldap tests running is to simply
> ignore the enabled attributes in your backend_liveldap.conf:
>
> domain_attribute_ignore = enabled
> group_attribute_ignore = enabled
>
> To manage notifications about this bug go to:
> https://bugs.launchpad.net/keystone/+bug/1157727/+subscriptions
>