The Manager supports authentication against a Keystone server. Detailed steps for
configuring a Keystone server with the system are provided.
-
On the Settings tab, navigate to
.
-
Check the Enable Keystone HTTP Authentication check box to enable the
Keystone authentication and the corresponding options on the Keystone Auth
Configuration page.
-
Type the host name of the Keystone authentication server in the Hostname
field.
192.168.14.63
my.keystoneserver.com
Note: Do not include http:// or https://.
-
Check the Use SSL/TLS check box to use HTTPS.
-
Check the Use a custom port check box.
- If the Use a custom port check box is checked, the custom port field
activates. Enter the admin port to be used for Keystone authentication.
- The default port is 35357.
-
Choose the Keystone Protocol Version to be used for
authentication.
- Click the v2.0 for Keystone v2.0.
- Click the v3 for Keystone v3.
- Because the concept of a Domain was introduced in Keystone v3, the domain options are not
required for v3.
-
Enter the character to be used to separate user name from domain in the Domain
Separator field.
Note: The domain separator must be a character that is not used in any Keystone user name (for
example, @). Keystone credentials for basic authentication against an Accesser® must have a user name that is provided along with
the domain, unless you are using Keystone v2.0 or when a default domain is set.
-
Check Use a default domain to allow the use of a default name.
Note: Keystone users that authenticate against Accesser
devices without explicitly providing a domain are scoped by the default domain.
-
Enter the shared secret with the Keystone configuration in the field.
Note: In many Keystone server configurations, the admin token is located in the
/etc/keystone/ directory.
-
Paste a PEM file into the Certificate PEM field.
Note: A certificate is needed when the Keystone server is using SSL with self signed
certificates. The certificate for many Keystone server configurations is at
/etc/keystone/ssl/certs/ca.pem.
-
Click Update.