Re: [Openstack] (keystone/horizon) ActiveDirectory/ldap for users/groups

2016-08-05 Thread Sean.Boran
Hi, By setting the following one can limit the number of users shown (see also https://bugs.launchpad.net/keystone/+bug/1501698 which shows the commit earlier this year to include that feature) [identity] list_limit = 50 The efficiency of the query for getting users can be improved by the foll

Re: [Openstack] (keystone/horizon) ActiveDirectory/ldap for users/groups

2016-08-02 Thread Sean.Boran
-] Authorization failed. The request you have made requires authentication. from 192.168.0.2 I don’t see any ldap in syslog. Sean From: Kseniya Tychkova Date: Tuesday 2 August 2016 at 16:46 To: "openstack@lists.openstack.org" , "Boran Sean, INI-INO-BX-IT" Subject: [Opens

Re: [Openstack] (keystone/horizon) ActiveDirectory/ldap for users/groups

2016-08-02 Thread Sean.Boran
Hi, So I logged in as admin/default, then switched to the ldap domain (horizon/identity/domains/), added a role. Next I try to add a user to that role (/horizon/identity/users), but “Unable to retrieve user list”. In /var/log/user.log I see LDAP bind: who=cn=bind-user,dc=example,dc=net <14>Aug 2

Re: [Openstack] (keystone/horizon) ActiveDirectory/ldap for users/groups

2016-08-02 Thread Alexander Makarov
Sean, the problem may be in the following: in the Mitaka release keystone requires the user to have a role in the domain it's getting authZ'd in. We ran into the problem when Horizon tried to authZ a user in the Default domain and got the same error. On 02.08.2016 16:25, sean.bo...@swisscom.com wrote:

[Openstack] (keystone/horizon) ActiveDirectory/ldap for users/groups

2016-08-02 Thread Kseniya Tychkova
Sean, I would like to help you, but I need more information. 1. Could you please explain what your phrase means: "On the command line with ldapsearch, users and groups can be listed (so the attributes configured should be ok?)" 2. Please try to use curl to debug: - uncomment "admin_token = ADMIN" i

[Openstack] (keystone/horizon) ActiveDirectory/ldap for users/groups

2016-08-02 Thread Sean.Boran
Hi, I’m having a bit of fun trying to use AD for identifying and authorising users on Openstack. The idea is to use AD for read-only access to user/group definitions, but all authorisation data is to be stored in SQL. What works: Users can be authenticated (LDAP bind works, verification of the use