OpenStack Identity (keystone)

  1. Series 2023.2
  2. Bug #2074018
  3. Comment #8

Comment 8 for bug 2074018

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to keystone (stable/2023.1)

Reviewed: https://review.opendev.org/c/openstack/keystone/+/927201
Committed: https://opendev.org/openstack/keystone/commit/ea5b0b0f35a443dc196f2f2d60704dd0dca8b3ab
Submitter: "Zuul (22348)"
Branch: stable/2023.1

commit ea5b0b0f35a443dc196f2f2d60704dd0dca8b3ab
Author: Douglas Mendizábal <email address hidden>
Date: Fri Jul 19 17:10:11 2024 -0400

    Add keystone-manage reset_last_active command

    This patch adds the `reset_last_active` subcommand to the
    `keystone-manage` command line tool.

    This subcommand will update every user in the database that has a null
    value in the `last_active_at` property to the current server time. This
    is necessary to prevent user lockout in deployments that have been
    running for a long time without `disable_user_account_days_inactive` and
    later decide to turn it on.

    This patch also includes a change to the logic that sets
    `last_active_at` to fix the root issue of the lockout.

    Closes-Bug: 2074018
    Change-Id: I1b71fb3881dc041db01083fbb4f2592400096a31
    (cherry picked from commit e9513f8e4f25e1f20bc6fcab71d9177120000abf)
    (cherry picked from commit 62b3c9260b79b9596545debbd7e4fcd3b4eab972)
    (cherry picked from commit 1829ce0202cbe11602fafd053cd1cd3eb0f996b0)