the user-create should not be used as you do.
To create a user by keystone, the command should be:
keystone user-create --name=somethingelse --pass="xxx" --<email address hidden>
and then bind tenant, role and user together by:
keystone user-role-add --user userid --role roleid --tenant_id idforsomethingtenant
Why did your command get error like that? Because you are specifying the tenant of admin to your newly created tenantid, which admin account is not in.
You can add --debug to see what is sending behind scene.
+++++++++++++++++++++++++++++++++++++++++++++++++
jenkins@Soren-1:~/devstack$ keystone tenant-create --name=something
+-------------+----------------------------------+
| Property | Value |
+-------------+----------------------------------+
| description | None |
| enabled | True |
| id | 1fbcafe2a91049dab2321180ea6cf567 |
| name | something |
+-------------+----------------------------------+
jenkins@Soren-1:~/devstack$ keystone user-create --name=somethingelse --tenant_id=1fbcafe2a91049dab2321180ea6cf567
No handlers could be found for logger "keystoneclient.client"
Invalid tenant (HTTP 401)
jenkins@Soren-1:~/devstack$ keystone user-create --name=somethingelse --tenant_id 1fbcafe2a91049dab2321180ea6cf567
No handlers could be found for logger "keystoneclient.client"
Invalid tenant (HTTP 401)
jenkins@Soren-1:~/devstack$ keystone tenant-list
+----------------------------------+--------------------+---------+
| id | name | enabled |
+----------------------------------+--------------------+---------+
| 1fbcafe2a91049dab2321180ea6cf567 | something | True |
| 894f670456884611b82a88a9231a0c9d | invisible_to_admin | True |
| e0d1e304feda4250b235c2fa6061d010 | demo | True |
| e2daf9dea45f482a8877fa9fe6c2e7e5 | admin | True |
| f6c5aeb7ab884912a9fabd59e14265a9 | service | True |
+----------------------------------+--------------------+---------+
jenkins@Soren-1:~/devstack$
the user-create should not be used as you do. somethingelse --pass="xxx" --<email address hidden>
To create a user by keystone, the command should be:
keystone user-create --name=
and then bind tenant, role and user together by: enant
keystone user-role-add --user userid --role roleid --tenant_id idforsomethingt
Why did your command get error like that? Because you are specifying the tenant of admin to your newly created tenantid, which admin account is not in.
You can add --debug to see what is sending behind scene.
+++++++ +++++++ +++++++ +++++++ +++++++ +++++++ +++++++ Soren-1: ~/devstack$ keystone tenant-create --name=something ------- +------ ------- ------- ------- ------- + ------- +------ ------- ------- ------- ------- + ab2321180ea6cf5 67 | ------- +------ ------- ------- ------- ------- + Soren-1: ~/devstack$ keystone user-create --name= somethingelse --tenant_ id=1fbcafe2a910 49dab2321180ea6 cf567 .client" Soren-1: ~/devstack$ keystone user-create --name= somethingelse --tenant_id 1fbcafe2a91049d ab2321180ea6cf5 67 .client" Soren-1: ~/devstack$ keystone tenant-list ------- ------- ------- ------- +------ ------- ------- +------ ---+ ------- ------- ------- ------- +------ ------- ------- +------ ---+ ab2321180ea6cf5 67 | something | True | 1b82a88a9231a0c 9d | invisible_to_admin | True | 0b235c2fa6061d0 10 | demo | True | a8877fa9fe6c2e7 e5 | admin | True | 2a9fabd59e14265 a9 | service | True | ------- ------- ------- ------- +------ ------- ------- +------ ---+ Soren-1: ~/devstack$
jenkins@
+------
| Property | Value |
+------
| description | None |
| enabled | True |
| id | 1fbcafe2a91049d
| name | something |
+------
jenkins@
No handlers could be found for logger "keystoneclient
Invalid tenant (HTTP 401)
jenkins@
No handlers could be found for logger "keystoneclient
Invalid tenant (HTTP 401)
jenkins@
+------
| id | name | enabled |
+------
| 1fbcafe2a91049d
| 894f67045688461
| e0d1e304feda425
| e2daf9dea45f482
| f6c5aeb7ab88491
+------
jenkins@