can't use "$" in password for ldap authentication
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Identity (keystone) |
Invalid
|
Medium
|
Kent Wang | ||
oslo.config |
Won't Fix
|
Undecided
|
Unassigned |
Bug Description
keystone can't connect to ldap server if "$" used in password.
keystone.tld.conf
[identity]
driver = keystone.
[assignment]
driver = keystone.
[ldap]
url=ldap:
<email address hidden>
password=Pa$$w0rd
suffix=
query_scope = sub
user_tree_
user_objectclas
user_id_
#user_name_
user_name_
use_pool = true
pool_size = 10
pool_retry_max = 3
pool_retry_delay = 0.1
pool_connection
pool_connection
use_auth_pool = true
auth_pool_size = 100
auth_pool_
debug_level = 4095
Debug from log:
<15>Jul 31 14:00:04 node-1 keystone-all LDAP init: url=ldap:
<15>Jul 31 14:00:04 node-1 keystone-all LDAP init: use_tls=False tls_cacertfile=None tls_cacertdir=None tls_req_cert=2 tls_avail=1
<15>Jul 31 14:00:04 node-1 keystone-all LDAP bind: who=CN=
<15>Jul 31 14:00:04 node-1 keystone-all arg_dict: {}
<14>Jul 31 14:00:04 node-1 keystone-all 192.168.0.2 - - [31/Jul/2015 14:00:04] "OPTIONS / HTTP/1.0" 300 919 0.143915
<15>Jul 31 14:00:04 node-1 keystone-all arg_dict: {}
<14>Jul 31 14:00:05 node-1 keystone-all 192.168.0.2 - - [31/Jul/2015 14:00:05] "OPTIONS / HTTP/1.0" 300 921 0.155419
<11>Jul 31 14:00:05 node-1 keystone-all {'info': '80090308: LdapErr: DSID-0C0903C5, comment: AcceptSecurityC
while I can connect to server with ldapsearch
Changed in keystone: | |
assignee: | nobody → Kent Wang (k.wang) |
This might have something to do with oslo.config doing replacement.