Fixes are available
APAR status
Closed as documentation error.
Error description
ICO 2.4 integration with AD works fine for UI authentication, but nova-discovery does not works Symptom error found in the log: ---- 2015-01-22 10:29:45.557 20742 CRITICAL vmware [req-3d79e988-7680-452e-a272-7e8d0139bfcd a47ad52619574fdb848561d21ac6502e 518581a6d5c74d85a0f60e0415c1966b] Unauthorized: KS-58299FC The request you have made requires authentication. (HTTP 401) ---- Resolving the problem the issue was related to the "non_ldap_users" not set into keystone.conf file
Local fix
no woraround
Problem summary
IBM Cloud Orchestrator V2.4 integration with Active Directory works correctly for user interface authentication. However, nova-discovery fails.
Problem conclusion
non-ldap-users : The local users are not authenticated with LDAP and they must be defined via this option. The users defined in the list must already exist in the local database. This option is required. Default None Example non_ldap_users = admin, demo, nova, neutron, cinder, glance, monitoring, domadmin, heat, test the above entry is added in the following link https://www-01.ibm.com/support/knowledgecenter/SS4KMC_2.4.0.2/co m.ibm.sco.doc_2.4/r_ldap_keystone_config.html?lang=en
Temporary fix
Comments
APAR Information
APAR number
ZZ00353
Reported component name
SMRTCLOUD ORCHS
Reported component ID
5725H2800
Reported release
240
Status
CLOSED DOC
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt
Submitted date
2015-01-23
Closed date
2015-08-14
Last modified date
2015-08-14
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Applicable component levels
[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SS4KMC","label":"IBM Cloud Orchestrator"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"240","Line of Business":{"code":"LOB45","label":"Automation"}}]
Document Information
Modified date:
03 November 2021