Bug 1252816 - [RFE][keystone] Tool needed to manipulate the assignments directly
Summary: [RFE][keystone] Tool needed to manipulate the assignments directly
Keywords:
Status: CLOSED DUPLICATE of bug 1252817
Alias: None
Product: Red Hat OpenStack
Classification: Red Hat
Component: openstack-keystone
Version: 6.0 (Juno)
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
: 8.0 (Liberty)
Assignee: Jamie Lennox
QA Contact: yeylon@redhat.com
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2015-08-12 09:46 UTC by Eduard Barrera
Modified: 2016-04-26 14:51 UTC (History)
4 users (show)

Fixed In Version:
Doc Type: Enhancement
Doc Text:
Clone Of:
Environment:
Last Closed: 2015-08-31 20:49:16 UTC
Target Upstream Version:
Embargoed:


Attachments (Terms of Use)

Description Eduard Barrera 2015-08-12 09:46:24 UTC
Description of problem:

When a user is deleted in a LDAP or AD backend it happens that some leftover information remains in the assignments table. When it happens we can see in the project the user uuid but we are not able to delete it.

We would like to have a tool to manipulate the assignments directly without having to go to the database in order to achieve this task, for example

# keystone assignment-delete <tenant> <user>

or a way to resync the current assignment with the backend and remove from the database the deleted users

Version-Release number of selected component (if applicable):
OSP 6

How reproducible:
always

Steps to Reproduce:
 
Starting from a keystone using AD backend:

1. Give a role in a project to the user
2. Delete the user from the backend
3.

Actual results:
A uuid is displayed in the project users
It is not possible to delete it manually


Expected results:
- uuid not displayed in the project users
- a way to delete the assignement when it happens



Additional info:

Comment 3 Nathan Kinder 2015-08-31 20:49:16 UTC

*** This bug has been marked as a duplicate of bug 1252817 ***


Note You need to log in before you can comment on or make changes to this bug.