Identity enables you to configure domain-specific authentication drivers. For example, you can configure a domain to have its own LDAP or SQL server.
By default, the option to configure domain-specific drivers is disabled.
To enable domain-specific drivers, set these options in
[identity] section in the
keystone.conf file:
[identity] domain_specific_drivers_enabled = True domain_config_dir = /etc/keystone/domains
When you enable domain-specific drivers, Identity looks
in the domain_config_dir directory for
configuration files that are named as follows:
keystone.,
where DOMAIN_NAME.confDOMAIN_NAME is the domain
name.
Any options that you define in the domain-specific configuration file override options in the primary configuration file for the specified domain. Any domain without a domain-specific configuration file uses only the options in the primary configuration file.
