Public bug reported:
We have keystone integrated with AD.
'user_id_attribute' is set to 'info'. So, when our users first get
created in AD, they don't always have this field populated. When a user
does not have a populated 'info' attribute, all keystone queries fail,
not just queries or rows containing that user.
Jul 7 14:02:12 node-38 keystone-all ID attribute info not found in LDAP
object <AD CN Object here>
Some examples of how I see keystone should be have in this situation:
List all users - list only correct users and ignore invalid.
Authenticate invalid user - this request should not be authenticated.
** Affects: keystone
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to Keystone.
https://bugs.launchpad.net/bugs/1478579
Title:
When user in AD doesn't have ID field all user handlers error out
Status in Keystone:
New
Bug description:
We have keystone integrated with AD.
'user_id_attribute' is set to 'info'. So, when our users first get
created in AD, they don't always have this field populated. When a
user does not have a populated 'info' attribute, all keystone queries
fail, not just queries or rows containing that user.
Jul 7 14:02:12 node-38 keystone-all ID attribute info not found in
LDAP object <AD CN Object here>
Some examples of how I see keystone should be have in this situation:
List all users - list only correct users and ignore invalid.
Authenticate invalid user - this request should not be authenticated.
To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1478579/+subscriptions
--
Mailing list: https://launchpad.net/~yahoo-eng-team
Post to : yahoo-eng-team@lists.launchpad.net
Unsubscribe : https://launchpad.net/~yahoo-eng-team
More help : https://help.launchpad.net/ListHelp
