diff --git a/doc/admin-guide-cloud/source/keystone_integrate_assignment_backend_ldap.rst b/doc/admin-guide-cloud/source/keystone_integrate_assignment_backend_ldap.rst index 9f40cc2a39..485f2b89b3 100644 --- a/doc/admin-guide-cloud/source/keystone_integrate_assignment_backend_ldap.rst +++ b/doc/admin-guide-cloud/source/keystone_integrate_assignment_backend_ldap.rst @@ -1,5 +1,8 @@ +.. _integrate-assignment-backend-ldap: + +======================================= Integrate assignment back end with LDAP -~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +======================================= When you configure the OpenStack Identity service to use LDAP servers, you can split authentication and authorization using the *assignment* diff --git a/doc/admin-guide-cloud/source/keystone_integrate_identity_backend_ldap.rst b/doc/admin-guide-cloud/source/keystone_integrate_identity_backend_ldap.rst index 9367ddbdf2..7a0bd539d5 100644 --- a/doc/admin-guide-cloud/source/keystone_integrate_identity_backend_ldap.rst +++ b/doc/admin-guide-cloud/source/keystone_integrate_identity_backend_ldap.rst @@ -1,5 +1,8 @@ +.. _integrate-identity-backend-ldap: + +===================================== Integrate Identity back end with LDAP -~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +===================================== The Identity back end contains information for users, groups, and group member lists. Integrating the Identity back end with LDAP allows @@ -174,7 +177,7 @@ administrators to use users and groups in LDAP. During service restart, authentication and authorization are unavailable. -**Additional LDAP integration settings.** +**Additional LDAP integration settings** Set these options in the :file:`/etc/keystone/keystone.conf` file for a single LDAP server, or :file:`/etc/keystone/domains/keystone.DOMAIN_NAME.conf` diff --git a/doc/admin-guide-cloud/source/keystone_integrate_with_ldap.rst b/doc/admin-guide-cloud/source/keystone_integrate_with_ldap.rst index 238eb0d639..4147a29683 100644 --- a/doc/admin-guide-cloud/source/keystone_integrate_with_ldap.rst +++ b/doc/admin-guide-cloud/source/keystone_integrate_with_ldap.rst @@ -4,6 +4,13 @@ Integrate Identity with LDAP ============================ +.. toctree:: + :maxdepth: 2 + + keystone_integrate_identity_backend_ldap.rst + keystone_integrate_assignment_backend_ldap.rst + keystone_secure_identity_to_ldap_backend.rst + The OpenStack Identity service supports integration with existing LDAP directories for authentication and authorization services. @@ -32,13 +39,10 @@ providing user authentication through the LDAP directory. Identity configuration is split into two separate back ends; identity (back end for users and groups), and assignments (back end for domains, projects, roles, role assignments). To configure Identity, set options -in the :file:`/etc/keystone/keystone.conf` file. See Integrate Identity back -end with LDAP for Identity back end configuration examples and Integrate -Assignment back end with LDAP for assignment back end configuration examples. -Modify these examples as needed. - -.. TODO (DC) Add links to keystone_integrate_identity_backend_ldap.rst and - keystone_integrate_assignment_backend_ldap.rst +in the :file:`/etc/keystone/keystone.conf` file. See +:ref:`integrate-identity-backend-ldap` for Identity back end configuration +examples and :ref:`integrate-assignment-backend-ldap` for assignment back +end configuration examples. Modify these examples as needed. .. note:: @@ -160,15 +164,3 @@ service:: During service restart, authentication and authorization are unavailable. -.. include:: keystone_integrate_identity_backend_ldap.rst - -.. include:: keystone_integrate_assignment_backend_ldap.rst - -.. include:: keystone_secure_identity_to_ldap_backend.rst - -.. toctree:: - :hidden: - - keystone_integrate_identity_backend_ldap.rst - keystone_integrate_assignment_backend_ldap.rst - keystone_secure_identity_to_ldap_backend.rst