Public bug reported:
When running `openstack user list --domain mydomain --group mygroup` All
users in the LDAP group are not returned. Examples below - but it seems
that when the distinguishedName does not match the userid/SAMAccount
property - the entry is not displayed.
Example of a user ID that is NOT displayed, but authentication works fine:
LDAP group "groupname":
```
distinguishedName
-----------------
CN=LASTNAME\, FIRSTNAME,OU=Users,OU=HQ,DC=subdomain,DC=domain,DC=com
```
OpenStack user query:
~# openstack user list --domain domain --group groupname
```
result: returns no user ID/Name
Example of a user ID that is CORRECTLY displayed, and authentication works:
LDAP group "groupname":
```
distinguishedName
-----------------
CN=userid,OU=Users,OU=HQ,DC=subdomain,DC=domain,DC=com
```
OpenStack user query:
~# openstack user list --domain domain --group groupname
```
result: returns ID and Name correctly
```
+------------------------------------------------------------------+------------+
| ID | Name
|
+------------------------------------------------------------------+------------+
| 76665c0ff7d4b75a173780ce744f3b86ca97358f23e8d928c4eb25b84c99926a | userid
|
```
** Affects: keystone
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Identity (keystone).
https://bugs.launchpad.net/bugs/1671196
Title:
user list for LDAP group does not contain all members
Status in OpenStack Identity (keystone):
New
Bug description:
When running `openstack user list --domain mydomain --group mygroup`
All users in the LDAP group are not returned. Examples below - but it
seems that when the distinguishedName does not match the
userid/SAMAccount property - the entry is not displayed.
Example of a user ID that is NOT displayed, but authentication works fine:
LDAP group "groupname":
```
distinguishedName
-----------------
CN=LASTNAME\, FIRSTNAME,OU=Users,OU=HQ,DC=subdomain,DC=domain,DC=com
```
OpenStack user query:
~# openstack user list --domain domain --group groupname
```
result: returns no user ID/Name
Example of a user ID that is CORRECTLY displayed, and authentication works:
LDAP group "groupname":
```
distinguishedName
-----------------
CN=userid,OU=Users,OU=HQ,DC=subdomain,DC=domain,DC=com
```
OpenStack user query:
~# openstack user list --domain domain --group groupname
```
result: returns ID and Name correctly
```
+------------------------------------------------------------------+------------+
| ID | Name
|
+------------------------------------------------------------------+------------+
| 76665c0ff7d4b75a173780ce744f3b86ca97358f23e8d928c4eb25b84c99926a | userid
|
```
To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1671196/+subscriptions
--
Mailing list: https://launchpad.net/~yahoo-eng-team
Post to : [email protected]
Unsubscribe : https://launchpad.net/~yahoo-eng-team
More help : https://help.launchpad.net/ListHelp
