LDAP integration fails with "Minimum SSF not met."
Issue
When configuring keystone
to authentication against an LDAP server with a minSSF value greater than 0, keystone
fails to perform any authentication with this error:
# keystone user-list
Authorization Failed: An unexpected error prevented the server from fulfilling your request. {'info': 'Minimum SSF not met.', 'desc': 'Server is unwilling to perform'} (HTTP 500)
Environment
- Red Hat Enterprise Linux OpenStack Platform 5
- LDAP server with a "minssf" value greater than 0
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.