Keystone LDAP integration not sending filters

Solution Verified - Updated -

Issue

  • In the Keystone configuration, if the authentication method is set to LDAP and specify a "user_filter =" entry in the LDAP subsection to restrict the query scope then Keystone doesn't appear to use that query when authenticating users. As a result multiple records are returned from LDAP if there are multiple trees under the search base which have records matching the primitive UID.

Environment

  • Red Hat Enterprise Linux OpenStack Platform 4.0

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In