- Keystone LDAP integration does not cleanly handle LDAP Referral records. If a referral record is returned by the LDAP server then python encounters a type mismatch when it gets a string (the referral URL) where it is expecting an attribute array. Keystone should either handle referrals correctly or set the protocol option LDAP_OPT_REFERRALS to 0 when performing a BIND operation. In either case, Keystone should verify the type of the return record before attempting to decode it.
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.