April 25-29, 2016

Event Details

Please note: All times listed below are in Central Time Zone

Integrate Active Directory with OpenStack Keystone

With keystone v3, you can use Identity Service to authenticate certain Active Directory Domain Services (AD DS) users, while retaining authorization settings and critical service accounts in the Identity Service database. This new configuration improves earlier methods by eliminating a point of failure where an OpenStack environment could experience a service outage if the Active Directory Domain Controller became unavailable.

This session discusses the changes you will need in your Active Directory environment, multidomain configuration in keystone v3, high availablity options, and, importantly, how to encrypt sensitive query traffic using LDAPS. A presentation for the system administrators using Active Directory, this talk describes how to easily integrate Active Directory with the OpenStack Identity Service.

For business leaders, this talk describes collaborative opportunities between teams; successful integration will require buy-in from multiple stakeholders.

What can I expect to learn?

This presentation explains how to integrate Active Directory with OpenStack Keystone using Keystone v3, and the benefits this offers over keystone v2 integration. This session discusses Active Directory and Keystone configuration, LDAPS encryption, and high availability options.

Tuesday, April 26, 12:05pm-12:45pm (5:05pm - 5:45pm UTC)
Difficulty Level: Intermediate
Red Hat, Technical Writer
Martin is a former systems administrator in networking and virtualization, now drawing on this experience to create documentation as a technical writer for Red Hat. He has previously presented at OpenStack Summit events in Austin and Boston. FULL PROFILE