I am running Keystone in a virtual environment with LDAP backend.
When useridattribute is set to sn (and the LDAP directory is
openstack user list --domain default --group test-group results in
not found in the directory.
The user should be removed from the group. The user will be ignored.
for a groupOfNames that has userid as a member.
openstack user list works OK and lists all user names and ids.
It seems that the problem is here:
cn is used as the id attribute regardless of configuration in
LDAP directory: http://paste.openstack.org/show/609846/
Any ideas? This smells of a bug.
OpenStack Development Mailing List (not for usage questions)