diff --git a/src/config.yaml b/src/config.yaml
index e07c8af..1e5011a 100644
--- a/src/config.yaml
+++ b/src/config.yaml
@@ -15,7 +15,7 @@ options:
       provide a later version of OpenStack will trigger a software
       upgrade.
   rabbit-user:
-    default: manila
+    default: manila-ganesha
     type: string
     description: Username used to access rabbitmq queue
   rabbit-vhost:
@@ -23,7 +23,7 @@ options:
     type: string
     description: Rabbitmq vhost
   database-user:
-    default: manila
+    default: manila-ganesha
     type: string
     description: Username for Manila database access
   database:
diff --git a/src/lib/charm/openstack/manila_ganesha.py b/src/lib/charm/openstack/manila_ganesha.py
index 5c1d247..a4e0b30 100644
--- a/src/lib/charm/openstack/manila_ganesha.py
+++ b/src/lib/charm/openstack/manila_ganesha.py
@@ -13,7 +13,8 @@
 # limitations under the License.
 
 import collections
-# import json
+import json
+
 # import socket
 # import subprocess
 
@@ -23,7 +24,12 @@ import charms_openstack.charm
 import charms_openstack.adapters
 import charms_openstack.plugins
 from charms_openstack.ip import resolve_address
-
+from charmhelpers.core.hookenv import log
+from charmhelpers.contrib.storage.linux.ceph import (
+    CephBrokerRq,
+    is_request_complete,
+    send_request_if_needed,
+)
 # import charmhelpers.core as ch_core
 
 
@@ -32,6 +38,15 @@ MANILA_CONF = MANILA_DIR + "manila.conf"
 MANILA_LOGGING_CONF = MANILA_DIR + "logging.conf"
 MANILA_API_PASTE_CONF = MANILA_DIR + "api-paste.ini"
 CEPH_CONF = '/etc/ceph/ceph.conf'
+CEPH_CAPABILITIES = [
+    "mds", "allow *",
+    "osd", "allow rw",
+    "mon", "allow r, "
+    "allow command \"auth del\", "
+    "allow command \"auth caps\", "
+    "allow command \"auth get\", "
+    "allow command \"auth get-or-create\""]
+
 
 
 @charms_openstack.adapters.config_property
@@ -134,9 +149,10 @@ class ManilaGaneshaCharm(charms_openstack.charm.HAOpenStackCharm,
         'identity-service',
         'shared-db',
     ]
-    group = 'manila'
+    user = group = 'manila'
+
     adapters_class = GaneshaCharmRelationAdapters
-    ceph_key_per_unit_name = True
+    # ceph_key_per_unit_name = True
     services = [
         'nfs-ganesha',
         'manila-share',
@@ -193,3 +209,22 @@ class ManilaGaneshaCharm(charms_openstack.charm.HAOpenStackCharm,
                 database=self.options.database,
                 username=self.options.database_user, )
         ]
+
+    def request_ceph_permissions(self, ceph):
+        rq = CephBrokerRq()
+
+        json_rq = ceph.get_local(key='broker_req')
+        if json_rq:
+            try:
+                j = json.loads(json_rq)
+                log("Json request: {}".format(json_rq))
+                rq.set_ops(j['ops'])
+            except ValueError as err:
+                log("Unable to decode broker_req: {}. Error {}".format(
+                    json_rq, err))
+
+        rq.add_op({'op': 'set-key-permissions',
+                   'permissions': CEPH_CAPABILITIES,
+                   'client': 'manila-ganesha'})
+        ceph.set_local(key='broker_req', value=rq.request)
+        send_request_if_needed(rq, relation='ceph')
\ No newline at end of file
diff --git a/src/reactive/manila_ganesha.py b/src/reactive/manila_ganesha.py
index a275f48..6a539b2 100644
--- a/src/reactive/manila_ganesha.py
+++ b/src/reactive/manila_ganesha.py
@@ -26,7 +26,8 @@ charm.use_defaults(
 @reactive.when_not('ceph.available')
 def ceph_connected(ceph):
     ceph.create_pool(ch_core.hookenv.service_name())
-
+    with charm.provide_charm_instance() as charm_instance:
+        charm_instance.request_ceph_permissions(ceph)
 
 @reactive.when('manila-plugin.available')
 def setup_manila():
diff --git a/src/templates/ceph.conf b/src/templates/ceph.conf
index 92e4cc0..5d852c8 100644
--- a/src/templates/ceph.conf
+++ b/src/templates/ceph.conf
@@ -6,5 +6,12 @@
 [global]
 {% if ceph.auth -%}
 auth_supported = {{ ceph.auth }}
+keyring = /etc/ceph/$cluster.$name.keyring
 mon host = {{ ceph.monitors }}
+
+
+[client.manila-ganesha]
+client mount uid = 0
+client mount gid = 0
+log file = /var/log/ceph/ceph-client.manila.log
 {% endif -%}
\ No newline at end of file
diff --git a/src/templates/rocky/manila.conf b/src/templates/rocky/manila.conf
index 0d1b38b..36b0762 100644
--- a/src/templates/rocky/manila.conf
+++ b/src/templates/rocky/manila.conf
@@ -19,6 +19,9 @@ debug = {{ options.debug }}
 
 {% include "parts/section-transport-url" %}
 
+[oslo_concurrency]
+lock_path = /var/lib/manila/tmp
+
 # parts/section-database includes the [database] section identifier
 {% include "parts/section-database" %}
 
@@ -44,12 +47,12 @@ debug = {{ options.debug }}
 [cephfsnfs1]
 driver_handles_share_servers = False
 ganesha_rados_store_enable = True
-ganesha_rados_store_pool_name = manila_ganesha
+ganesha_rados_store_pool_name = manila-ganesha
 share_backend_name = CEPHFSNFS1
 share_driver = manila.share.drivers.cephfs.driver.CephFSDriver
 cephfs_protocol_helper_type = NFS
 cephfs_conf_path = /etc/ceph/ceph.conf
-cephfs_auth_id = manila
+cephfs_auth_id = manila-ganesha
 cephfs_cluster_name = ceph
 cephfs_enable_snapshots = False
 cephfs_ganesha_server_is_remote = False
diff --git a/src/tests/bundles/bionic-stein.yaml b/src/tests/bundles/bionic-stein.yaml
index 50e8ec2..0369df9 100644
--- a/src/tests/bundles/bionic-stein.yaml
+++ b/src/tests/bundles/bionic-stein.yaml
@@ -9,7 +9,7 @@ services:
     options:
       openstack-origin: *source
   ceph-mon:
-    charm: cs:~openstack-charmers-next/ceph-mon
+    charm: /home/ubuntu/ceph-mon
     num_units: 3
     options:
       source: *source