[Expired for Keystone because there has been no activity for 60 days.] ** Changed in: keystone Status: Incomplete => Expired
-- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to Keystone. https://bugs.launchpad.net/bugs/1274715 Title: LOG.debug not working in LDAP code Status in OpenStack Identity (Keystone): Expired Bug description: When I was first setting up a connection to LDAP via keystone I fought through some configuration issues. One of the first issues is that I had user_name_attribute incorrect so that it could not validate my specified user on a a request like "keystone user-list". Unfortunately when the failure scenario here happens, you get no useful logging, even with Debug and Verbose enabled. The only message available is: 2014-01-30 21:41:45.461 9499 WARNING keystone.common.wsgi [-] Authorization failed. Could not find user, foo. from 10.33.0.17 and from the CLI: root@test-03:~# keystone user-list Could not find user, foo. (HTTP 401) It's not even obvious from this that LDAP was used at all much less what the issue might be. I ended up adding my own logging and once I dumped the query that get_by_name ends up calling the issue was obvious: (&(cn=foo)(objectClass=inetUser)) Since in my case cn was incorrect. I've been digging some to see if I can add logging here without logging every query call without too much success, although I've not had a ton of time. If someone has a suggestion I'd be happy to work on it. To manage notifications about this bug go to: https://bugs.launchpad.net/keystone/+bug/1274715/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : yahoo-eng-team@lists.launchpad.net Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp