/bin/openstack user list --quiet --format csv --long'
127.0.0.1 - - [10/Mar/2016:08:15:41 -0500] "GET /v3/users HTTP/1.1" 401 114 "-" "python-keystoneclient"
If I add a domain option to the openstack user list command, I get the
users of the domain (not 401)
If I do a project list it works and returns the complete list of all
projects in all domains:
Debug: Executing '/bin/openstack project list --quiet --format csv --long'
127.0.0.1 - - [10/Mar/2016:08:22:00 -0500] "GET /v3/projects HTTP/1.1" 200 471 "-" "python-keystoneclient"
=> [{:id=>"1ff87dbb8e6e45d5b43a49a812fafb88", :name=>"admin", :domain_id=>"default", :description=>"Bootstrap project for initializing the cloud.", :enabled=>"True"},
{:id=>"60f86c662af248449c1007fbf32ed5af", :name=>"openstackv3", :domain_id=>"463e1bb751374a0586a867a73cb35330", :description=>"admin tenant", :enabled=>"True"},
{:id=>"746e5e3d02b04d079dfa639ac5d03886", :name=>"services", :domain_id=>"default", :description=>"Tenant for the openstack services", :enabled=>"True"},
{:id=>"bcf81b0d73b74c85b01e1b15f38be64e", :name=>"openstack", :domain_id=>"default", :description=>"admin tenant", :enabled=>"True"},
{:id=>"e00959d5ac2545a5a77d137d20e0f9f8", :name=>"servicesv3", :domain_id=>"a43714e50901474eb328daf380ef24ee", :description=>"Tenant for the openstack services", :enabled=>"True"}]
If I try the exact same command (without the domain option) with
"domain_specific_drivers_enabled=false" in keystone.conf, I get the
list of users in all domains.
This is rather confusing. The "401", unauthorized error is confusing.
The discrepancy between user and project behavior is confusing.
Hi,
Setting "domain_ specific_ drivers_ enabled= true" in the kesytone.conf,
prevents my calls to "/v3/users" to works when using the admin_token:
@token= "admin_ token", @url="http:// 127.0.0. 1:35357/ v3
->
/bin/openstack user list --quiet --format csv --long' 2016:08: 15:41 -0500] "GET /v3/users HTTP/1.1" 401 114 "-" "python- keystoneclient"
127.0.0.1 - - [10/Mar/
If I add a domain option to the openstack user list command, I get the
users of the domain (not 401)
If I do a project list it works and returns the complete list of all
projects in all domains:
Debug: Executing '/bin/openstack project list --quiet --format csv --long' 2016:08: 22:00 -0500] "GET /v3/projects HTTP/1.1" 200 471 "-" "python- keystoneclient" "1ff87dbb8e6e45 d5b43a49a812faf b88", :name=>"admin", :domain_ id=>"default" , :description= >"Bootstrap project for initializing the cloud.", :enabled=>"True"}, id=>"60f86c662a f248449c1007fbf 32ed5af" , :name=> "openstackv3" , :domain_ id=>"463e1bb751 374a0586a867a73 cb35330" , :description= >"admin tenant", :enabled=>"True"}, id=>"746e5e3d02 b04d079dfa639ac 5d03886" , :name=>"services", :domain_ id=>"default" , :description= >"Tenant for the openstack services", :enabled=>"True"}, id=>"bcf81b0d73 b74c85b01e1b15f 38be64e" , :name=>"openstack", :domain_ id=>"default" , :description= >"admin tenant", :enabled=>"True"}, id=>"e00959d5ac 2545a5a77d137d2 0e0f9f8" , :name=> "servicesv3" , :domain_ id=>"a43714e509 01474eb328daf38 0ef24ee" , :description= >"Tenant for the openstack services", :enabled=>"True"}]
127.0.0.1 - - [10/Mar/
=> [{:id=>
{:
{:
{:
{:
If I try the exact same command (without the domain option) with specific_ drivers_ enabled= false" in keystone.conf, I get the
"domain_
list of users in all domains.
This is rather confusing. The "401", unauthorized error is confusing.
The discrepancy between user and project behavior is confusing.
So what is the "correct" behavior ?