To Reproduce Steps to reproduce the behavior:
RHOSO 18 CCSP customer configured LDAP backend for one of Keystone domains in their RHOSO deployments. They originally complained about Horizon operations: it was impossible to create VM because Horizon was unable to fetch list of flavors in time. But after we took the look under the hood, we have found out that the problem is coming from slow keystone responses for /v3/auth/tokens requests.

In the logs I can see that for problematic requests Keystone spends a lot of time doing something when running _set_domain_id_and_mapping_for_list() and from log messages it looks like it re-creates mappings for LDAP entities during each call.

Please note that I have reported this bug against a RHOSO control plane running customized Keystone container image. We will try to understand scope of customizations better and will let you know more about them in follow-up comments.

Expected behavior
Keystone re-uses LDAP mappings

Bug impact
Some Horizon operations fail because of timeouts. API requests are slow.

Known workaround
None

Additional context
To be provided privately.