Integrate Keystone Default Domain with External Identity Service
Issue
Important: Generally the Keystone Default domain should contain only the admin account and the Openstack service accounts. It is recommended that these accounts are authenticated locally by the Keystone DB. This article covers special cases where external authentication is required for the Default domain.
- The Integrate with Identity Service guide does not provide instructions on how to configure external authentication for the Keystone Default domain.
- Enable LDAP authentication for Keystone Default domain.
- Enable AD authentication for Keystone Default domain.
Environment
Red Hat Openstack Platform 8
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.