...
user_id_attribute = sn
user_name_attribute = cn
...
This results in users unable to found in groups.
e.g. `openstack user list --domain default --group test-group`
Expected: User ID and Name are returned
+----------------------------------+---------------------+
| ID | Name |
+----------------------------------+---------------------+
| 25cbd5b54da849128b89c3f7ab6e5bff | userid |
+----------------------------------+---------------------+
_dn_to_id is not affected when user_id_attribute is changed in keystone.conf. /github. com/openstack/ keystone/ blob/master/ keystone/ identity/ backends/ ldap/common. py#L1280
https:/
Considering the following LDAP directory:
... ou=Users, dc=openstack, dc=org OS2FKdWM2bWFhWU tmRGQ5dmlBdEd6N EFydHY= 28b89c3f7ab6e5b ff
# userid, Users, openstack.org
dn: cn=userid,
objectClass: inetOrgPerson
userPassword:: e1NTSEF9Rit1bTl
sn: 25cbd5b54da8491
cn: userid
# test-group, UserGroups, openstack.org group,ou= UserGroups, dc=openstack, dc=org 5823474c759d436 43 ou=Users, dc=openstack, dc=org
dn: cn=test-
objectClass: groupOfNames
cn: test-group
ou: f44a7fbb9e174ba
member: cn=userid,
...
keystone.conf:
...
user_id_attribute = sn
user_name_attribute = cn
...
This results in users unable to found in groups. ------- ------- ------- ------- +------ ------- ------- -+ ------- ------- ------- ------- +------ ------- ------- -+ 28b89c3f7ab6e5b ff | userid | ------- ------- ------- ------- +------ ------- ------- -+
e.g. `openstack user list --domain default --group test-group`
Expected: User ID and Name are returned
+------
| ID | Name |
+------
| 25cbd5b54da8491
+------
Actual: Nothing is returned