Contents¶
System Accounts¶
- Types of System Accounts
- Linux User Accounts
- The sysadmin Account
- Local LDAP Linux User Accounts
- Create LDAP Linux Accounts
- Remote Access for Linux Accounts
- Password Recovery for Linux User Accounts
- Establish Credentials for Linux User Accounts
- For StarlingX and Platform OpenStack CLIs from a Local LDAP Linux Account Login
- For StarlingX, Platform OpenStack and Kubernetes CLIs from the ‘sysadmin’ Linux Account Login
- For Kubernetes CLI from a Local LDAP Linux Account Login
- Kubernetes Service Accounts
- Keystone Accounts
- Remote Windows Active Directory Accounts
- System Account Password Rules
Access the System¶
Manage Non-Admin Type Users¶
User Authentication Using Windows Active Directory¶
- Overview of Windows Active Directory
- Configure Kubernetes for OIDC Token Validation while Bootstrapping the System
- Configure Kubernetes for OIDC Token Validation after Bootstrapping the System
- Set up OIDC Auth Applications
- Centralized OIDC Authentication Setup for Distributed Cloud
- Configure Users, Groups, and Authorization
- Configure Kubectl with a Context for the User
Obtain the Authentication Token¶
Deprovision Windows Active Directory¶
Firewall Options¶
HTTPS Certificate Management¶
- HTTPS and Certificates Management Overview
- Display Certificates Installed on a System
- Create a local CA Issuer
- Kubernetes Certificates
- Etcd Certificates
- Install Custom Kubernetes Root CA Certificate
- Configure REST API Applications and Web Administration Server certificate
- Configure Docker Registry Certificate
- OIDC Client Dex Server Certificates
- Migrate/Update Platform Certificates to use Cert Manager
- Portieris Server Certificate
- Vault Server Certificate
- Distributed Cloud Admin Endpoint Certificates
- System Trusted CA Certificates
- Certificate Management Guidelines
- Expiring-Soon and Expired Certificate Alarms