I'm going to mark this as Invalid for the time being since we don't have a plan to support MFA for non-SQL users. Please feel free to continue using this bug report for discussion, though.
** Changed in: keystone
       Status: New => Invalid

https://bugs.launchpad.net/bugs/1857086

Title:
  Trying to update user options field for ldap user gives 403 forbidden

Status in OpenStack Identity (keystone):
  Invalid

Bug description:
  I am trying to set up MFA for LDAP users. LDAP configuration is done.
  While running the below API as an admin, I get the 403 Forbidden error.

  PATCH "/v3/users/{user_id}"
  {
      "user": {
          "enabled": true,
          "options": {
              "multi_factor_auth_enabled": true
          }
      }
  }

  Result -> You are not authorized to perform the requested action, 403
  Forbidden.

  There is not much information in the logs. Found the below in
  keystone.log:

  2019-12-19 23:58:59.759 51472 WARNING keystone.server.flask.application [req-7d011897-6662-46d1-9df3-8956bf9f5639 bf9f5018298590e9c675df62943158939e2e145758538564bca05042bc0a556a f9fe381c5db344ec8445bb8d45d0285b - default default] You are not authorized to perform the requested action.: Forbidden: You are not authorized to perform the requested action.

  Is this a bug, or is setting user options not allowed for LDAP users?