Use the viocli identity command to configure Keystone for domains with AD or LDAP backends. The command calls the OpenStack Management Server API to store knowledge of Keystone domains and dictionary variables.

The viocli identity command supports a variety of actions to perform different tasks. The following parameters apply to all actions.

Parameter Mandatory or Optional Description

-d NAME or --deployment NAME

Optional

Name of the deployment to use.

If you do not enter a value, the default deployment is used.

-p or --progress

Optional

Shows the progress of the current operation.

You can run viocli identity -h or viocli identity --help to display the parameters for the command. You can also use the -h or --help option on any action to display parameters for the action. For example, viocli identity add -h will show parameters for the add action.

The actions that viocli identity supports are listed as follows.

viocli identity add [-d NAME] [--type {AD | LDAP}] [-p]

Configures a new identity source. The following additional parameters apply to the add action.

Parameter Mandatory or Optional Description

--type {AD | LDAP}

Optional

Type of backend for the domain.

If you do not include the --type parameter in the command, you will be prompted to enter the backend type.

 

viocli identity remove [-d NAME] --id DOMAIN [-p]

Removes an identity source from the list. The local (ID 0) and default (ID 1) domains cannot be removed.

The following additional parameters apply to the remove action.

Parameter Mandatory or Optional Description

--id DOMAIN

Mandatory

Identifier of an identity source. The local domain is represented by 0 and the default domain by 1.

 

viocli identity edit [-d NAME] --id DOMAIN [-p]

Changes the settings of an existing identity source. The local domain (ID 0) cannot be edited.

The following additional parameters apply to the edit action.

Parameter Mandatory or Optional Description

--id DOMAIN

Mandatory

Identifier of an identity source. The local domain is represented by 0 and the default domain by 1.

 

viocli identity list [-d NAME] [--json JSON | --pretty PRETTY] [-p]

Displays all configured domains with their ID numbers and backend types. The following additional parameters apply to the list action.

Parameter Mandatory or Optional Description

--json JSON

--pretty PRETTY

Optional

Displays output in JSON format or as formatted text.

If you do not enter a value, PRETTY is used when the command is run interactively and JSON is used when the command is run noninteractively.

 

viocli identity show [-d NAME] --id DOMAIN [--json JSON | --pretty PRETTY] [-p]

Displays detailed information about the specified domain. The following additional parameters apply to the show action.

Parameter Mandatory or Optional Description

--id DOMAIN

Mandatory

Identifier of an identity source. The local domain is represented by 0 and the default domain by 1.

--json JSON

--pretty PRETTY

Optional

Displays output in JSON format or as formatted text.

If you do not enter a value, PRETTY is used when the command is run interactively and JSON is used when the command is run noninteractively.