OpenStack Identity (keystone)

Tenant addition giving problems over OpenLDAP

Asked by Nag

Hi,

I have installed OpenLDAP and Keystone on Ubuntu 11.04 successfully.

When I am trying to add tenant using keystone-manage tenant add Tenant1, I am getting below error:
passlib.registry: INFO registered crypt handler 'sha512_crypt': <class 'passlib.handlers.sha2_crypt.sha512_crypt'>
sqlalchemy.engine.base.Engine: INFO PRAGMA table_info("credentials")
sqlalchemy.engine.base.Engine: INFO ()
sqlalchemy.engine.base.Engine: INFO PRAGMA table_info("token")
sqlalchemy.engine.base.Engine: INFO ()
sqlalchemy.engine.base.Engine: INFO PRAGMA table_info("services")
sqlalchemy.engine.base.Engine: INFO ()
sqlalchemy.engine.base.Engine: INFO PRAGMA table_info("endpoint_templates")
sqlalchemy.engine.base.Engine: INFO ()
sqlalchemy.engine.base.Engine: INFO PRAGMA table_info("endpoints")
sqlalchemy.engine.base.Engine: INFO ()
ERROR: {'info': 'objectClass: value #1 invalid per syntax', 'desc': 'Invalid syntax'}
root : ERROR {'info': 'objectClass: value #1 invalid per syntax', 'desc': 'Invalid syntax'}
Traceback (most recent call last):
  File "./keystone-manage", line 16, in <module>
    keystone.manage.main()
  File "/root/keystone/keystone/manage/__init__.py", line 284, in main
    raise exc
ldap.INVALID_SYNTAX: {'info': 'objectClass: value #1 invalid per syntax', 'desc': 'Invalid syntax'}

I cross checked the configurations and they seem good.

Please help me on this.

Regards,
Nag.

Question information

Language:
English Edit question
Status:
Solved
For:
OpenStack Identity (keystone) Edit question
Assignee:
No assignee Edit question
Solved by:
Nag
Solved:
Last query:
Last reply:
Revision history for this message
Joseph Heck (heckj) said : 		#1

Nag -

You're using an older version of Keystone (likely from the Essex-3 milestone or before). We've dramatically changed the code since then, and I recommend you update your code to the latest (essex-4 milestone) release. We've just added back in an LDAP back-end, but don't have the documentation up for configuring it at this time. Adam Young has been driving an initial implementation, and he might have some specific suggestions for how to get it basically up and running for you.

Revision history for this message
Adam Young (ayoung) said : 		#2

The fact that there is SQL Alchemy lines in your stack trace indicate that you are not talking to LDAP.

In order to add a user to LDAP, you need to use the HTTP API, and cannot do it via Keystone Manage.

Revision history for this message
Nag (srirangamn) said : 		#3

Hi,

I did not do any code changes. I installed OpenLDAP and keystone and followed the steps in nova.sh script.

Sometimes, it is working fine and sometimes not.

I did a clean and installed them again. Now it is working fine.

Thanks for the help.