Back To Schedule
Thursday, May 15 • 9:00am - 9:40am
Integrating OpenStack with Active Directory (Because AD != LDAP)

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Go Daddy has a large Active Directory (AD) deployment that serves many purposes for our corporate and hosting infrastructure. In building our private cloud, we've leveraged AD to power Keystone's identity service, VM authentication, and security discovery and auditing. In this talk, we'll discuss exactly how we've configured OpenStack to work well with AD, other open source tools we've used to achieve our desired functionality, and the lessons we've learned along the way. Specifically, we'll cover:
  • Keystone's LDAP capabilities
    • Using LDAP for OpenStack authentication
    • Using LDAP as a store for projects and roles (and why we chose not to use this feature)
  • The quirky differences between AD and LDAP and how those can impact your Keystone configuration, including known outstanding bugs (as of Havana) related to AD integration and their workarounds
  • How we used the open source tool PowerBroker Identity Services to back VM authentication and possible alternative solutions
  • Techniques we've used to maintain and scale the relationship between OpenStack and AD
  • Using AD groups cohesively across our company's platform including: OpenStack, GitHub, CI/CD, Finance, and more

avatar for Mike Dorman

Mike Dorman

DevOps Engineer, SendGrid
A 15-year systems engineering veteran focused on cloud architecture, site reliability, automation and infrastructure design in service provider and enterprise environments. I am knowledgeable in the full deployment stack, from data center, network and hardware configuration to application... Read More →
avatar for Craig Jellick

Craig Jellick

Senior software engineer, GoDaddy
Craig is a senior software enineer working on OpenStack and related technologies at Go Daddy. He's really enjoyed diving into OpenStack and looks forward to getting more involved with the project and helping others to do so.

Thursday May 15, 2014 9:00am - 9:40am EDT
Room B101

Attendees (0)