[keycloak-dev] Suggestion and fix for e-Directory federation provider

Sebastien Blanc sblanc at redhat.com
Fri Dec 2 03:24:31 EST 2016

Hi !

Sure that would be awesome if you can create a pull request and attached it
to the ticket !


On Thu, Nov 24, 2016 at 1:38 PM, Tomas Tikovsky <tikovsky.tomas at gmail.com>

> Hello everyone,
> im using e-directory federation ldap provider and came to this bug
> KEYCLOAK-3099 <https://issues.jboss.org/browse/KEYCLOAK-3099> as i was
> experiencing the same problem.
> e-Directory sends guid attribute as byte[] so it needs to be declared as
> binary the same way as its done for activeDirectory.
> Sending simple diff to fix this issue if you consider this as helpfull.
> Novell was acquired by microfocus and their product has been renamed to
> netIQ eDirectory so i incorporated that change as well.
> Another thing i noted were 2 incorrect attribute mappings in administration
> console.
> "username" -> "uid"
> correct as long as users are enabled for linux (not default) otherwise cn.
> So cn should work for more cases than uid.
> "firstname" -> "cn"
> wrong, should be "givenname"
> Cheers
> Tom
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev

More information about the keycloak-dev mailing list