_dn_to_id ignores user_id_attribute
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Identity (keystone) |
Expired
|
Low
|
Unassigned |
Bug Description
_dn_to_id is not affected when user_id_attribute is changed in keystone.conf.
https:/
Considering the following LDAP directory:
...
# userid, Users, openstack.org
dn: cn=userid,
objectClass: inetOrgPerson
userPassword:: e1NTSEF9Rit1bTl
sn: 25cbd5b54da8491
cn: userid
# test-group, UserGroups, openstack.org
dn: cn=test-
objectClass: groupOfNames
cn: test-group
ou: f44a7fbb9e174ba
member: cn=userid,
...
keystone.conf:
...
user_id_attribute = sn
user_name_attribute = cn
...
This results in users unable to found in groups.
e.g. `openstack user list --domain default --group test-group`
Expected: User ID and Name are returned
+------
| ID | Name |
+------
| 25cbd5b54da8491
+------
Actual: Nothing is returned
Changed in keystone: | |
assignee: | nobody → Boris Kudryavtsev (bkudryavtsev) |
description: | updated |
Changed in keystone: | |
milestone: | none → pike-rc1 |
importance: | Undecided → Low |
Fix proposed to branch: master /review. openstack. org/466389
Review: https:/