diff --git a/ansible/group_vars/all.yml b/ansible/group_vars/all.yml
index 8694f8e02e..6196f65fbc 100644
--- a/ansible/group_vars/all.yml
+++ b/ansible/group_vars/all.yml
@@ -369,16 +369,6 @@ set_sysctl: "yes"
 # Valid options are [ none, novnc, spice, rdp ]
 nova_console: "novnc"
 
-# OpenStack authentication string. You should only need to override these if you
-# are changing the admin tenant/project or user.
-openstack_auth:
-  auth_url: "{{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_admin_port }}"
-  username: "admin"
-  password: "{{ keystone_admin_password }}"
-  project_name: "admin"
-  domain_name: "default"
-  user_domain_name: "default"
-
 # Endpoint type used to connect with OpenStack services with ansible modules.
 # Valid options are [ public, internal, admin ]
 openstack_interface: "admin"
@@ -594,6 +584,9 @@ keystone_admin_url: "{{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ keyston
 keystone_internal_url: "{{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_public_port }}"
 keystone_public_url: "{{ public_protocol }}://{{ kolla_external_fqdn }}:{{ keystone_public_port }}"
 
+keystone_admin_user: "admin"
+keystone_admin_project: "admin"
+
 default_project_domain_name: "Default"
 default_project_domain_id: "default"
 
@@ -606,6 +599,16 @@ fernet_token_expiry: 86400
 
 keystone_default_user_role: "_member_"
 
+# OpenStack authentication string. You should only need to override these if you
+# are changing the admin tenant/project or user.
+openstack_auth:
+  auth_url: "{{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_admin_port }}"
+  username: "{{ keystone_admin_user }}"
+  password: "{{ keystone_admin_password }}"
+  project_name: "{{ keystone_admin_project }}"
+  domain_name: "default"
+  user_domain_name: "default"
+
 #######################
 # Glance options
 #######################
diff --git a/ansible/roles/common/templates/admin-openrc.sh.j2 b/ansible/roles/common/templates/admin-openrc.sh.j2
index e400db5fbd..03cb934c40 100644
--- a/ansible/roles/common/templates/admin-openrc.sh.j2
+++ b/ansible/roles/common/templates/admin-openrc.sh.j2
@@ -1,8 +1,8 @@
 export OS_PROJECT_DOMAIN_NAME=Default
 export OS_USER_DOMAIN_NAME=Default
-export OS_PROJECT_NAME=admin
-export OS_TENANT_NAME=admin
-export OS_USERNAME=admin
+export OS_PROJECT_NAME={{ keystone_admin_project }}
+export OS_TENANT_NAME={{ keystone_admin_project }}
+export OS_USERNAME={{ keystone_admin_user }}
 export OS_PASSWORD={{ keystone_admin_password }}
 export OS_AUTH_URL={{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_admin_port }}/v3
 export OS_INTERFACE=internal
diff --git a/etc/kolla/globals.yml b/etc/kolla/globals.yml
index eff4104acb..5757ceb090 100644
--- a/etc/kolla/globals.yml
+++ b/etc/kolla/globals.yml
@@ -290,6 +290,10 @@ kolla_internal_vip_address: "10.10.10.254"
 # Valid options are [ fernet ]
 #keystone_token_provider: 'fernet'
 
+#keystone_admin_user: "admin"
+
+#keystone_admin_project: "admin"
+
 # Interval to rotate fernet keys by (in seconds). Must be an interval of
 # 60(1 min), 120(2 min), 180(3 min), 240(4 min), 300(5 min), 360(6 min),
 # 600(10 min), 720(12 min), 900(15 min), 1200(20 min), 1800(30 min),