Comment 3 for bug 1396594

I believe we should
1) create additional user in admin (or if it is possible, in service) tenant at the deployment stage,
2) use erb templates to put it into the right places (scripts which rely on openrc)
3) put the note into the docs about this special user and its important role. So, If the user will change its password, he should as well update it in specified files.