Bug 1403043 - LDAP Domain not available on OpenStack9 Horizon Dashboard
Summary: LDAP Domain not available on OpenStack9 Horizon Dashboard
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat OpenStack
Classification: Red Hat
Component: python-django-horizon
Version: 9.0 (Mitaka)
Hardware: Unspecified
OS: Unspecified
unspecified
high
Target Milestone: ---
: 9.0 (Mitaka)
Assignee: Radomir Dopieralski
QA Contact: Ido Ovadia
URL:
Whiteboard:
Depends On:
Blocks: 1408777
TreeView+ depends on / blocked
 
Reported: 2016-12-09 00:36 UTC by Faiaz Ahmed
Modified: 2020-04-15 14:57 UTC (History)
9 users (show)

Fixed In Version: python-django-horizon-9.0.1-7.el7ost
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2017-03-08 17:46:50 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2017:0466 0 normal SHIPPED_LIVE python-django-horizon bug fix advisory 2017-03-08 22:44:52 UTC

Description Faiaz Ahmed 2016-12-09 00:36:17 UTC 
Description of problem:
LDAP Domain not available anymore which is available with OSP7 and OSP8

For example, login to horizon as user “admin”, and then click “Identity” ---> “Domain”, only  “Default” can be be found now.

Version-Release number of selected component (if applicable):

- OpenStack 9
- python-django-horizon-9.0.1-2.el7ost.noarch


How reproducible:

Steps to Reproduce:
1. Integrate OPEN Stack with IDM https://access.redhat.com/documentation/en/red-hat-openstack-platform/9/paged/integrate-with-identity-service/chapter-2-identity-management-integration. It supposed to be same for Active Directory or generic LDAP.

2. Check if the Domain available via Command line
~~~~
#  openstack domain list
+----------------------------------+---------+---------+--------------------+
| ID                               | Name    | Enabled | Description        |
+----------------------------------+---------+---------+--------------------+
| default                          | Default | True    | The default domain |
| e11330b788674772bea741a4bb571630 | LAB     | True    |                    |
+----------------------------------+---------+---------+--------------------+

~~~~

3. login to horizon as user “admin”, and then click “Identity” ---> “Domain”



Actual results:

There is no Domain Option / Available Domain on OPS9 Horizon Dashboard.


Expected results:

Following same OSP 7 and 8 Doc and step, Domains are available "ogin to horizon as user “admin”, and then click “Identity” ---> “Domain”"

Additional info:
Comment 3 Radomir Dopieralski 2017-01-03 14:10:31 UTC 
It looks like for the domain-scoped tokens (and thus, the Domains tab) to work properly, the default session engine needs to be changed from "cookies" to something that provides more space to store all the tokens.

The https://wiki.openstack.org/wiki/Horizon/DomainWorkFlow page recommends adding/changing this configuration:

CACHES = {
   'default': {
       'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache',
       'LOCATION': '127.0.0.1:11211',
   }
}
SESSION_ENGINE = 'django.contrib.sessions.backends.cache'

Alternatively, if memcache is not available, an in-memory session engine can be also used:

CACHES = {
    'default': {
        'BACKEND': 'django.core.cache.backends.locmem.LocMemCache',
    }
}
SESSION_ENGINE = 'django.contrib.sessions.backends.cache'
Comment 14 Radomir Dopieralski 2017-02-10 10:41:05 UTC 
I submitted a patch fixing this issue upstream: https://review.openstack.org/#/c/427125/

Once it's merged, I will propose backports.
Comment 17 errata-xmlrpc 2017-03-08 17:46:50 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2017-0466.html
Note You need to log in before you can comment on or make changes to this bug.