| opendevreview | OpenStack Proposal Bot proposed openstack/keystone master: Imported Translations from Zanata https://review.opendev.org/c/openstack/keystone/+/857805 | 02:17 |
|---|---|---|
| ozzzo | can anyone help with my "LDAP exceeded size limit" issue from Monday? | 13:24 |
| *** d34dh0r5| is now known as d34dh0r53 | 13:35 | |
| luk4s | Hi folks | 14:20 |
| luk4s | potentially discovered an issue with the latest 5.2.0 release of keystoneauth1-5.2.0 python package. It looks like six dependency was removed but it looks like keystoneauth1/identity/v3/oauth2_mtls_client_credential.py still imports it | 14:23 |
| d34dh0r53 | bah, thought we had removed all of the imports | 14:24 |
| luk4s | causing ModuleNotFoundError: No module named 'six' | 14:24 |
| luk4s | https://opendev.org/openstack/keystoneauth/src/commit/2e40bbf8e3c12ae06c7572adfa8510e0deef7eb4/keystoneauth1/identity/v3/oauth2_mtls_client_credential.py#L17 | 14:24 |
| luk4s | Looks like one slipped the net | 14:24 |
| luk4s | Would you like me to submit an issue for that? | 14:27 |
| opendevreview | David Wilde proposed openstack/keystoneauth master: Remove last reference to the python six package https://review.opendev.org/c/openstack/keystoneauth/+/883383 | 14:35 |
| d34dh0r53 | luk4s: just pushed a patch, I don't think we need an issue | 14:35 |
| luk4s | d34dh0r53, many thanks (and ok) | 14:36 |
| ozzzo | d34dh0r53: dmendiza said that you might be able to help | 14:46 |
| ozzzo | The error is "Number of User/Group entities returned by LDAP exceeded size limit. Contact your LDAP administrator." | 14:47 |
| ozzzo | I tried setting page_size to a non-zero value but that didn't seem to make a difference | 14:48 |
| d34dh0r53 | ozzzo: looks like it may be a bug in that page_size is not overridable | 14:55 |
| ozzzo | is there a patch for Train? | 14:56 |
| d34dh0r53 | ozzzo: no, no patches at all | 14:57 |
| d34dh0r53 | ozzzo: looking to see if this is a known bug | 14:58 |
| zaitcev | It's supposed to be settable, the question is if it works. Also maybe it needs to go into a section or whatever | 15:05 |
| zaitcev | https://opendev.org/openstack/keystone/src/branch/stable/train/keystone/conf/ldap.py#L63 | 15:05 |
| d34dh0r53 | zaitcev: yeah, I'm confused by https://github.com/openstack/keystone/blob/master/keystone/identity/backends/ldap/common.py#L922 | 15:07 |
| d34dh0r53 | I guess that's just setting the default | 15:08 |
| ozzzo_work | I'm putting it in the [ldap] section as described here: https://docs.openstack.org/keystone/latest/admin/configuration.html#identity-ldap-server-set-up | 16:26 |
| ozzzo_work | https://paste.openstack.org/show/b8tsDUjqj3hTZMKTknyj/ | 16:27 |
| ozzzo_work | I tried various values, from 10 to 100000 | 16:28 |
| ozzzo_work | d34dh0r53: Do you have any ideas on how I can fix this LDAP error? | 18:46 |
| d34dh0r53 | ozzzo_work: I do not, what version of keystone are you running? | 19:14 |
| *** elodilles is now known as elodilles_ooo | 19:42 | |
| ozzzo_work | it's Train. If I go into my keystone container and type "keystone-manage --version" I get 16.0.3 | 20:16 |
Generated by irclog2html.py 2.17.3 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!