diff --git a/manifests/compute/libvirt.pp b/manifests/compute/libvirt.pp
index e3968eda2..91a0691d1 100644
--- a/manifests/compute/libvirt.pp
+++ b/manifests/compute/libvirt.pp
@@ -103,8 +103,9 @@ class nova::compute::libvirt (
 
   if($::osfamily == 'Debian') {
     package { "nova-compute-${libvirt_virt_type_real}":
-      ensure => present,
-      before => Package['nova-compute'],
+      ensure  => present,
+      before  => Package['nova-compute'],
+      require => User['nova'],
     }
   }
 
diff --git a/manifests/consoleauth.pp b/manifests/consoleauth.pp
index 9907975df..953e7120a 100644
--- a/manifests/consoleauth.pp
+++ b/manifests/consoleauth.pp
@@ -33,6 +33,7 @@ class nova::consoleauth(
     package_name   => $::nova::params::consoleauth_package_name,
     service_name   => $::nova::params::consoleauth_service_name,
     ensure_package => $ensure_package,
+    require        => User['nova'],
   }
 
 }
diff --git a/manifests/init.pp b/manifests/init.pp
index 2448c1026..034791341 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -153,6 +153,20 @@
 #   (optional) Syslog facility to receive log lines.
 #   Defaults to 'LOG_USER'
 #
+# [*nova_user_id*]
+#   (optional) Create the nova user with the specified gid.
+#   Changing to a new uid after specifying a different uid previously,
+#   or using this option after the nova account already exists will break
+#   the ownership of all files/dirs owned by nova.
+#   Defaults to undef.
+#
+# [*nova_group_id*]
+#   (optional) Create the nova user with the specified gid.
+#   Changing to a new uid after specifying a different uid previously,
+#   or using this option after the nova account already exists will break
+#   the ownership of all files/dirs owned by nova.
+#   Defaults to undef.
+#
 class nova(
   $ensure_package           = 'present',
   $database_connection      = false,
@@ -188,6 +202,8 @@ class nova(
   $periodic_interval        = '60',
   $report_interval          = '10',
   $rootwrap_config          = '/etc/nova/rootwrap.conf',
+  $nova_user_id             = undef,
+  $nova_group_id            = undef,
   # deprecated in folsom
   #$root_helper = $::nova::params::root_helper,
   $monitoring_notifications = false,
@@ -206,6 +222,24 @@ class nova(
     warning('The nova_cluster_id parameter is deprecated and has no effect.')
   }
 
+  group { 'nova':
+    ensure  => present,
+    system  => true,
+    gid     => $nova_group_id,
+    before  => User['nova'],
+  }
+
+  user { 'nova':
+    ensure     => present,
+    system     => true,
+    groups     => 'nova',
+    home       => '/var/lib/nova',
+    managehome => false,
+    shell      => '/bin/false',
+    uid        => $nova_user_id,
+    gid        => $nova_group_id,
+  }
+
   # all nova_config resources should be applied
   # after the nova common package
   # before the file resource for nova.conf is managed
@@ -245,19 +279,7 @@ class nova(
   package { 'nova-common':
     ensure  => $ensure_package,
     name    => $::nova::params::common_package_name,
-    require => [Package['python-nova'], Anchor['nova-start']]
-  }
-
-  group { 'nova':
-    ensure  => present,
-    system  => true,
-    require => Package['nova-common'],
-  }
-  user { 'nova':
-    ensure  => present,
-    gid     => 'nova',
-    system  => true,
-    require => Package['nova-common'],
+    require => [Package['python-nova'], Anchor['nova-start'], User['nova']]
   }
 
   file { '/etc/nova/nova.conf':
diff --git a/manifests/objectstore.pp b/manifests/objectstore.pp
index 84e27dc85..d8b6359e3 100644
--- a/manifests/objectstore.pp
+++ b/manifests/objectstore.pp
@@ -35,6 +35,7 @@ class nova::objectstore(
     package_name   => $::nova::params::objectstore_package_name,
     service_name   => $::nova::params::objectstore_service_name,
     ensure_package => $ensure_package,
+    require        => User['nova'],
   }
 
   nova_config {
diff --git a/spec/classes/nova_init_spec.rb b/spec/classes/nova_init_spec.rb
index 76da96051..9f8e4ae4c 100644
--- a/spec/classes/nova_init_spec.rb
+++ b/spec/classes/nova_init_spec.rb
@@ -17,8 +17,8 @@ describe 'nova' do
           :require => 'Package[python-greenlet]'
         )
         should contain_package('nova-common').with(
-          :name   => platform_params[:nova_common_package],
-          :ensure => 'present'
+          :name    => platform_params[:nova_common_package],
+          :ensure  => 'present'
         )
       end
 
@@ -26,13 +26,15 @@ describe 'nova' do
         should contain_group('nova').with(
           :ensure  => 'present',
           :system  => true,
-          :require => 'Package[nova-common]'
+          :before  => 'User[nova]'
         )
         should contain_user('nova').with(
-          :ensure  => 'present',
-          :gid     => 'nova',
-          :system  => true,
-          :require => 'Package[nova-common]'
+          :ensure     => 'present',
+          :system     => true,
+          :groups     => 'nova',
+          :home       => '/var/lib/nova',
+          :managehome => false,
+          :shell      => '/bin/false'
         )
       end
 
@@ -125,7 +127,28 @@ describe 'nova' do
           :ensure_package           => '2012.1.1-15.el6',
           :monitoring_notifications => true,
           :memcached_servers        => ['memcached01:11211', 'memcached02:11211'],
-          :install_utilities        => false }
+          :install_utilities        => false,
+          :nova_user_id             => '499',
+          :nova_group_id            => '499' }
+      end
+
+      it 'creates user and group' do
+        should contain_group('nova').with(
+          :ensure  => 'present',
+          :system  => true,
+          :gid     => '499',
+          :before  => 'User[nova]'
+        )
+        should contain_user('nova').with(
+          :ensure     => 'present',
+          :system     => true,
+          :groups     => 'nova',
+          :home       => '/var/lib/nova',
+          :managehome => false,
+          :shell      => '/bin/false',
+          :uid        => '499',
+          :gid        => '499'
+        )
       end
 
       it 'installs packages' do