So I grabbed the wrong error messages:
2015-12-16 17:07:36.365 20386 INFO keystone.common.wsgi [-] GET https://openstack-dev.int.godaddy.com:35357/v2.0/tenants 2015-12-16 17:07:36.376 20386 DEBUG keystone.policy.backends.rules [-] enforce admin_required: {'user_id': u'xxxx', u'is_admin': 0, u'roles': [u'admin'], 'tenant_id': u'f48e57277a7a484290ba9afdc49a21a9'} enforce /usr/lib/python2.7/site-packages/keystone/policy/backends/rules.py:76 2015-12-16 17:07:36.377 20386 DEBUG oslo_policy.openstack.common.fileutils [-] Reloading cached file /etc/keystone/policy.json read_cached_file /usr/lib/python2.7/site-packages/oslo_policy/openstack/common/fileutils.py:64 2015-12-16 17:07:36.384 20386 DEBUG oslo_policy.policy [-] Reloaded policy file: /etc/keystone/policy.json _load_policy_file /usr/lib/python2.7/site-packages/oslo_policy/policy.py:425 2015-12-16 17:07:36.493 20386 WARNING keystone.common.wsgi [-] Authorization failed. Non-default domain is not supported (Disable debug mode to suppress these details.) (Disable debug mode to suppress these details.) from 10.224.48.132 2015-12-16 17:07:36.499 20386 INFO eventlet.wsgi.server [-] 10.224.48.132 - - [16/Dec/2015 17:07:36] "GET /v2.0/tenants HTTP/1.1" 401 454 0.236560
RC file we are using: export OS_USERNAME=xxxx export OS_TENANT_NAME=openstack export OS_PROJECT_NAME=openstack export OS_PASSWORD='xxxx' export OS_IDENTITY_API_VERSION=2.0 export OS_AUTH_URL=https://openstack-dev.int.godaddy.com:35357/v2.0/ export OS_AUTH_URL_V3=https://openstack-dev.int.godaddy.com:35357/v3/
The default domain is tied to read-only ldap and the admin user is a user in the ldap domain.
So I grabbed the wrong error messages:
2015-12-16 17:07:36.365 20386 INFO keystone. common. wsgi [-] GET https:/ /openstack- dev.int. godaddy. com:35357/ v2.0/tenants policy. backends. rules [-] enforce admin_required: {'user_id': u'xxxx', u'is_admin': 0, u'roles': [u'admin'], 'tenant_id': u'f48e57277a7a4 84290ba9afdc49a 21a9'} enforce /usr/lib/ python2. 7/site- packages/ keystone/ policy/ backends/ rules.py: 76 openstack. common. fileutils [-] Reloading cached file /etc/keystone/ policy. json read_cached_file /usr/lib/ python2. 7/site- packages/ oslo_policy/ openstack/ common/ fileutils. py:64 policy. json _load_policy_file /usr/lib/ python2. 7/site- packages/ oslo_policy/ policy. py:425 common. wsgi [-] Authorization failed. Non-default domain is not supported (Disable debug mode to suppress these details.) (Disable debug mode to suppress these details.) from 10.224.48.132 wsgi.server [-] 10.224.48.132 - - [16/Dec/2015 17:07:36] "GET /v2.0/tenants HTTP/1.1" 401 454 0.236560
2015-12-16 17:07:36.376 20386 DEBUG keystone.
2015-12-16 17:07:36.377 20386 DEBUG oslo_policy.
2015-12-16 17:07:36.384 20386 DEBUG oslo_policy.policy [-] Reloaded policy file: /etc/keystone/
2015-12-16 17:07:36.493 20386 WARNING keystone.
2015-12-16 17:07:36.499 20386 INFO eventlet.
RC file we are using: NAME=openstack NAME=openstack API_VERSION= 2.0 /openstack- dev.int. godaddy. com:35357/ v2.0/ /openstack- dev.int. godaddy. com:35357/ v3/
export OS_USERNAME=xxxx
export OS_TENANT_
export OS_PROJECT_
export OS_PASSWORD='xxxx'
export OS_IDENTITY_
export OS_AUTH_URL=https:/
export OS_AUTH_URL_V3=https:/
The default domain is tied to read-only ldap and the admin user is a user in the ldap domain.