Description of problem:
With an existing OSP 10 provider configured, we are attempting to change the service user to an account with rights to more domains/tenants/projects.
With the matching credentials, said user can log in and access Horizon. CF reports bad username or password.
The domain ID is correct ; same result if inputted the domain by name.
DEBUG fog.log output:
[----] D, [2017-07-11T12:15:59.568816 #15132:4e65ec] DEBUG -- : excon.request
{:uri=>"https://10.75.13.138:13000/v3/auth/tokens",
:method=>"POST",
:headers=>
{"User-Agent"=>"fog-core/1.44.3",
"Content-Type"=>"application/json",
"Host"=>"10.75.13.138:13000"},
:body=>
"{\"auth\":{\"identity\":{\"methods\":[\"password\"],\"password\":{\"user\":{\"password\":\"********\"},\"name\":\"SVC-tpavcpcfadmin\"}}},\"scope\":{\"domain\":{\"id\":\"c527165c417a404f97bee2ef3506f105\"}}}}"}
[----] E, [2017-07-11T12:16:00.146692 #15132:4e65ec] ERROR -- : excon.error #<Excon::Error::Unauthorized: Expected([201]) <=> Actual(401 Unauthorized)
excon.error.response
:body => "{\"error\": {\"message\": \"The request you have made requires authentication.\", \"code\": 401, \"title\": \"Unauthorized\"}}"
:cookies => [
]
:headers => {
"Content-Length" => "114"
"Content-Type" => "application/json"
"Date" => "Tue, 11 Jul 2017 16:17:54 GMT"
"Server" => "Apache"
"Vary" => "X-Auth-Token"
"WWW-Authenticate" => "Keystone uri=\"https://10.75.13.138:13000\""
"x-openstack-request-id" => "req-bee78d73-234a-449f-a413-c098dbc66965"
}
:host => "10.75.13.138"
:local_address => "96.239.250.148"
:local_port => 45516
:path => "/v3/auth/tokens"
:port => 13000
:reason_phrase => "Unauthorized"
:remote_ip => "10.75.13.138"
:status => 401
:status_line => "HTTP/1.1 401 Unauthorized\r\n"
>
Version-Release number of selected component (if applicable):
OSP 10
CFME 5.8
How reproducible:
Steps to Reproduce:
1.
2.
3.
Actual results:
Expected results:
Additional info:
Can we see a full evm.log? Also, is it possible to see what happens if a new provider is added with the new user? That can help us figure out whether it's an issue with the user, or specifically with changing the user for a provider.