[Admin-Guide] Move Domain Specific Configuration

Moving the 'Domain-specific configuration" section from
the Config Ref into the Admin Guide Identity chapter.

backport: mitaka

Change-Id: Ie2a4fd59f4a0da5867c3c5d9f0a480fde6a39702
Closes-Bug: #1598682

doc/admin-guide/source/identity_management.rst

@@ -17,6 +17,7 @@ command-line client.
    identity_concepts.rst
    keystone_certificates_for_pki.rst
    keystone_configure_with_SSL.rst
+   keystone_domain_specific_config.rst
    keystone_external_authentication.rst
    keystone_integrate_with_ldap.rst
    keystone_tokens.rst

doc/admin-guide/source/keystone_domain_specific_config.rst

@@ -0,0 +1,69 @@
+=============================
+Domain-specific configuration
+=============================
+
+The Identity service supports domain-specific Identity drivers.
+The drivers allow a domain to have its own LDAP or SQL back end.
+By default, domain-specific drivers are disabled.
+
+Domain-specific Identity configuration options can be stored in
+domain-specific configuration files, or in the Identity SQL
+database using API REST calls.
+
+.. note::
+
+   Storing and managing configuration options in an SQL database is
+   experimental in Kilo, and added to the Identity service in the
+   Liberty release.
+
+Enable drivers for domain-specific configuration files
+------------------------------------------------------
+
+To enable domain-specific drivers, set these options in the
+``/etc/keystone/keystone.conf`` file:
+
+.. code-block:: ini
+
+   [identity]
+   domain_specific_drivers_enabled = True
+   domain_config_dir = /etc/keystone/domains
+
+When you enable domain-specific drivers, Identity looks in the
+``domain_config_dir`` directory for configuration files that are named as
+``keystone.DOMAIN_NAME.conf``. A domain without a domain-specific
+configuration file uses options in the primary configuration file.
+
+Enable drivers for storing configuration options in SQL database
+----------------------------------------------------------------
+
+To enable domain-specific drivers, set these options in the
+``/etc/keystone/keystone.conf`` file:
+
+.. code-block:: ini
+
+   [identity]
+   domain_specific_drivers_enabled = True
+   domain_configurations_from_database = True
+
+Any domain-specific configuration options specified through the
+Identity v3 API will override domain-specific configuration files in the
+``/etc/keystone/domains`` directory.
+
+Migrate domain-specific configuration files to the SQL database
+---------------------------------------------------------------
+
+You can use the ``keystone-manage`` command to migrate configuration
+options in domain-specific configuration files to the SQL database:
+
+.. code-block:: console
+
+   # keystone-manage domain_config_upload --all
+
+To upload options from a specific domain-configuration file, specify the
+domain name:
+
+.. code-block:: console
+
+   # keystone-manage domain_config_upload --domain-name DOMAIN_NAME
+
+

doc/config-reference/source/identity/options.rst

@@ -42,67 +42,14 @@ service options.
 .. include:: ../tables/keystone-zeromq.rst
 .. include:: ../tables/keystone-redis.rst
 
-Domain-specific configuration
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
-The Identity service supports domain-specific Identity drivers which allow a
-domain to have its own LDAP or SQL back end. By default, domain-specific
-drivers are disabled.
+Domain-specific Identity drivers
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
-Domain-specific Identity configuration options can be stored in domain-specific
-configuration files, or in the Identity SQL database using API REST calls.
+The Identity service supports domain-specific Identity drivers
+installed on an SQL or LDAP back end, and supports domain-specific
+Identity configuration options, which are stored in domain-specific
+configuration files. See the
+`Admin guide Identity Management Chapter <http://docs.openstack.org/admin-guide/keystone_domain_specific_config.html>`_
+for more information.
 
-.. note::
-
-   Storing and managing configuration options in an SQL database is
-   experimental in Kilo.
-
-Enable drivers for domain-specific configuration files
-------------------------------------------------------
-
-To enable domain-specific drivers, set these options in the
-``/etc/keystone/keystone.conf`` file:
-
-.. code-block:: ini
-
-   [identity]
-   domain_specific_drivers_enabled = True
-   domain_config_dir = /etc/keystone/domains
-
-When you enable domain-specific drivers, Identity looks in the
-``domain_config_dir`` directory for configuration files that are named as
-``keystone.DOMAIN_NAME.conf``. A domain without a domain-specific
-configuration file uses options in the primary configuration file.
-
-Enable drivers for storing configuration options in SQL database
-----------------------------------------------------------------
-
-To enable domain-specific drivers, set these options in the
-``/etc/keystone/keystone.conf`` file:
-
-.. code-block:: ini
-
-   [identity]
-   domain_specific_drivers_enabled = True
-   domain_configurations_from_database = True
-
-Any domain-specific configuration options specified through the Identity v3 API
-will override domain-specific configuration files in the
-``/etc/keystone/domains`` directory.
-
-Migrate domain-specific configuration files to the SQL database
----------------------------------------------------------------
-
-You can use the ``keystone-manage`` command to migrate configuration options in
-domain-specific configuration files to the SQL database:
-
-.. code-block:: console
-
-   # keystone-manage domain_config_upload --all
-
-To upload options from a specific domain-configuration file, specify the domain
-name:
-
-.. code-block:: console
-
-   # keystone-manage domain_config_upload --domain-name DOMAIN_NAME