With keystone v3, you can use Identity Service to authenticate certain Active Directory Domain Services (AD DS) users, while retaining authorization settings and critical service accounts in the Identity Service database. This new configuration improves earlier methods by eliminating a point of failure where an OpenStack environment could experience a service outage if the Active Directory Domain Controller became unavailable.
This session discusses the changes you will need in your Active Directory environment, multidomain configuration in keystone v3, high availablity options, and, importantly, how to encrypt sensitive query traffic using LDAPS. A presentation for the system administrators using Active Directory, this talk describes how to easily integrate Active Directory with the OpenStack Identity Service.
For business leaders, this talk describes collaborative opportunities between teams; successful integration will require buy-in from multiple stakeholders.
This presentation explains how to integrate Active Directory with OpenStack Keystone using Keystone v3, and the benefits this offers over keystone v2 integration. This session discusses Active Directory and Keystone configuration, LDAPS encryption, and high availability options.