[keycloak-user] How to add Admin User

Tue Apr 19 02:40:38 EDT 2016

Thanks Marek, I will try your hint.
@Stian: I am trying login to Keycloak admin console.

On Mon, Apr 18, 2016 at 1:59 PM, Stian Thorgersen <sthorger at redhat.com>
wrote:

> Just to confirm are you trying to login to Keycloak admin console or
> WildFly console?
>
> On 18 April 2016 at 10:04, Andrej Prievalsky <ado.boj.83 at gmail.com> wrote:
>
>> OK, but when we created user with add-user-keycloak.sh:
>>
>> [sab at idm69 wildfly]$ ./bin/add-user-keycloak.sh -r master -u admin -p
>> admin
>> Added 'admin' to
>> '/opt/wildfly/standalone/configuration/keycloak-add-user.json', restart
>> server to load user
>>
>> After restart server, we can't login with admin user and password admin.
>> We got Error message: Invalid username or password.
>>
>>
>> Can be problem on your side or in our setup and configuration?
>>
>> On Fri, Apr 15, 2016 at 3:25 PM, Stian Thorgersen <sthorger at redhat.com>
>> wrote:
>>
>>> With server overlay use add-user-keycloak and restart the server
>>>
>>> On 15 April 2016 at 14:43, Andrej Prievalsky <ado.boj.83 at gmail.com>
>>> wrote:
>>>
>>>> Hi All,
>>>>
>>>> in setup Wildfly-10 in domain mode + keycloak-overlay-1.9.2.Final I
>>>> tried to create Admin User in two ways like in guide:
>>>>
>>>> 1.) via bin/add-user.[sh|bat] -r master -u <username> -p <password>
>>>> I got this ERROR:
>>>>
>>>> *[sab at idm69 wildfly]$ ./bin/add-user.sh -r master -u admin -p tmo46713*
>>>>
>>>>
>>>>
>>>> ** Error **
>>>>
>>>> *WFLYDM0065: The user supplied realm name 'master' does not match the
>>>> realm name discovered from the property file(s) 'ManagementRealm'.*
>>>>
>>>>
>>>>
>>>> *Exception in thread "main"
>>>> org.jboss.as.domain.management.security.adduser.AddUserFailedException:
>>>> WFLYDM0065: The user supplied realm name 'master' does not match the realm
>>>> name discovered from the property file(s) 'ManagementRealm'.*
>>>>
>>>> *        at
>>>> org.jboss.as.domain.management.security.adduser.ErrorState.execute(ErrorState.java:72)*
>>>>
>>>> *        at
>>>> org.jboss.as.domain.management.security.adduser.AddUser.run(AddUser.java:130)*
>>>>
>>>> *        at
>>>> org.jboss.as.domain.management.security.adduser.AddUser.main(AddUser.java:223)*
>>>>
>>>> *        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)*
>>>>
>>>> *        at
>>>> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)*
>>>>
>>>> *        at
>>>> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)*
>>>>
>>>> *        at java.lang.reflect.Method.invoke(Method.java:497)*
>>>>
>>>> *        at org.jboss.modules.Module.run(Module.java:329)*
>>>>
>>>> *        at org.jboss.modules.Main.main(Main.java:507)*
>>>>
>>>>
>>>> 2.) via bin/add-user-keycloak.[sh|bat] -r master -u <username> -p
>>>> <password>
>>>>
>>>> User was created under standalone path.
>>>>
>>>>
>>>> Thanks and Best Regards
>>>>
>>>> Andrej.
>>>>
>>>>
>>>>
>>>> On Thu, Mar 3, 2016 at 7:18 PM, Stian Thorgersen <sthorger at redhat.com>
>>>> wrote:
>>>>
>>>>> Please read the documentation it explains it all
>>>>> http://keycloak.github.io/docs/userguide/keycloak-server/html/server-installation.html#d4e116
>>>>>
>>>>> On 3 March 2016 at 16:24, Andrej Prievalsky <ado.boj.83 at gmail.com>
>>>>> wrote:
>>>>>
>>>>>> Hi all,
>>>>>>
>>>>>> 1.) meantime I tried on keycloak-overlay-1.7.0.Final via
>>>>>> add-user-keycloak.sh script in wildfly domain mode create Admin user  and I
>>>>>> got:
>>>>>>
>>>>>> [root at keycloakoverlay /opt/wildfly/bin]$ ./add-user-keycloak.sh -u
>>>>>> admin -p admin
>>>>>> Added 'admin' to '
>>>>>> */opt/wildfly/standalone/configuration/keycloak-add-user.json*',
>>>>>> restart server to load user
>>>>>>
>>>>>> Is it correct, that user is created in standalone path?
>>>>>>
>>>>>>
>>>>>> ----------------------------------------------------------------------------
>>>>>>
>>>>>> 2.) can I in version 1.7.0.Final create or replace Admin user for
>>>>>> Master realm with permanent password, which could be created automatically
>>>>>> via command line and not needed change password manually after first login?
>>>>>>
>>>>>> Thanks,
>>>>>> Andrej.
>>>>>>
>>>>>>
>>>>>> On Thu, Mar 3, 2016 at 1:50 PM, Stian Thorgersen <sthorger at redhat.com
>>>>>> > wrote:
>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> On 3 March 2016 at 13:48, Stan Silvert <ssilvert at redhat.com> wrote:
>>>>>>>
>>>>>>>> On 3/3/2016 12:09 AM, Stian Thorgersen wrote:
>>>>>>>>
>>>>>>>> The standard add-user script adds WildFly users, we want the
>>>>>>>> standard script to add Keycloak users. It's a Keycloak server after all.
>>>>>>>>
>>>>>>>> You still need WildFly users if you want to use CLI (remotely) or
>>>>>>>> web console.   As far as I know, we can't secure those things with Keycloak
>>>>>>>> yet.
>>>>>>>>
>>>>>>>
>>>>>>> In the future we will secure it with Keycloak, in the mean time the
>>>>>>> add-user has a '--container' option.
>>>>>>>
>>>>>>>
>>>>>>>>
>>>>>>>> There are workarounds, but I'm just saying, WildFly add-user.sh is
>>>>>>>> a useful tool that we might want to still ship in some form until such time
>>>>>>>> that CLI and web console is fully integrated with Keycloak.
>>>>>>>>
>>>>>>>>
>>>>>>>> On 2 March 2016 at 20:00, Stan Silvert <ssilvert at redhat.com> wrote:
>>>>>>>>
>>>>>>>>> On 3/2/2016 1:50 PM, Stian Thorgersen wrote:
>>>>>>>>>
>>>>>>>>> Not a chance. In server dist we want to hide WildFly's add-user
>>>>>>>>> script.
>>>>>>>>>
>>>>>>>>> I could guess, but I have to ask, why?
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> On 2 March 2016 at 14:12, Stan Silvert <ssilvert at redhat.com>
>>>>>>>>> wrote:
>>>>>>>>>
>>>>>>>>>> On 3/2/2016 7:02 AM, Stian Thorgersen wrote:
>>>>>>>>>>
>>>>>>>>>> In overlay the script should be add-user-keycloak. The overlay
>>>>>>>>>> adds Keycloak server to an existing WildFly installation so we don't want
>>>>>>>>>> to overwrite any existing files. I appreciate this may be confusing and
>>>>>>>>>> inconsistent, but at the same time if we did overwrite people would
>>>>>>>>>> probably complain about us overwriting the existing script.
>>>>>>>>>>
>>>>>>>>>> In the server dist this doesn't apply as the server is purely a
>>>>>>>>>> Keycloak server, not a WildFly server.
>>>>>>>>>>
>>>>>>>>>> I guess the solution would be to make server dist consistent with
>>>>>>>>>> overlay, so both are add-user-keycloak.  Not sure how I feel about that.
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> On 2 March 2016 at 11:10, Bruno Oliveira <bruno at abstractj.org>
>>>>>>>>>> wrote:
>>>>>>>>>>
>>>>>>>>>>> I'm not sure if I follow your question but './add-user.sh -u
>>>>>>>>>>> admin -p admin' or './add-user.sh -u admin' should work.
>>>>>>>>>>>
>>>>>>>>>>> On Wed, Mar 2, 2016 at 7:03 AM Andrej Prievalsky <
>>>>>>>>>>> ado.boj.83 at gmail.com> wrote:
>>>>>>>>>>>
>>>>>>>>>>>> Hi Bruno,
>>>>>>>>>>>>
>>>>>>>>>>>> thanks for answer.
>>>>>>>>>>>> But from
>>>>>>>>>>>> http://keycloak.github.io/docs/userguide/keycloak-server/html/server-installation.html#d4e116
>>>>>>>>>>>> and section: *...you can use the add-user script from the
>>>>>>>>>>>> command-line.*
>>>>>>>>>>>> is my question is how exactly should looks like command with
>>>>>>>>>>>> add-user script?
>>>>>>>>>>>> Because in past we used this command: add-user.sh –container
>>>>>>>>>>>> -u admin -p admin
>>>>>>>>>>>>
>>>>>>>>>>>> Andrej.
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>> On Wed, Mar 2, 2016 at 10:38 AM, Bruno Oliveira <
>>>>>>>>>>>> bruno at abstractj.org> wrote:
>>>>>>>>>>>>
>>>>>>>>>>>>> Hi Andrej, answers inline
>>>>>>>>>>>>>
>>>>>>>>>>>>> On Wed, Mar 2, 2016 at 6:13 AM Andrej Prievalsky <
>>>>>>>>>>>>> ado.boj.83 at gmail.com> wrote:
>>>>>>>>>>>>>
>>>>>>>>>>>>>> Hi,
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> I would like to summary information about How to add Admin
>>>>>>>>>>>>>> User - chapter 3.2.1.
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> My questions are:
>>>>>>>>>>>>>> 1.) From which version (including) is new concept, that there
>>>>>>>>>>>>>> is no built in user?
>>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>> 1.8.0 See:
>>>>>>>>>>>>> http://keycloak.github.io/docs/userguide/keycloak-server/html/Migration_from_older_versions.html#d4e4031
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>>> 2a.) What is exact command via add-user script (add-user.sh) for
>>>>>>>>>>>>>> create admin user ?
>>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>> See:
>>>>>>>>>>>>> http://keycloak.github.io/docs/userguide/keycloak-server/html/server-installation.html#d4e116
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>>> 2b.) Same question like in 2a, but in keycloak-overlay (
>>>>>>>>>>>>>> add-user-keycloak.sh)?
>>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>> You are correct. Maybe this is an inconsistency to be fixed.
>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> Thanks and Best Regards,
>>>>>>>>>>>>>> Andrej.
>>>>>>>>>>>>>> _______________________________________________
>>>>>>>>>>>>>> keycloak-user mailing list
>>>>>>>>>>>>>> keycloak-user at lists.jboss.org
>>>>>>>>>>>>>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>> _______________________________________________
>>>>>>>>>>> keycloak-user mailing list
>>>>>>>>>>> keycloak-user at lists.jboss.org
>>>>>>>>>>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> _______________________________________________
>>>>>>>>>> keycloak-user mailing listkeycloak-user at lists.jboss.orghttps://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> _______________________________________________
>>>>>>>>>> keycloak-user mailing list
>>>>>>>>>> keycloak-user at lists.jboss.org
>>>>>>>>>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>>> _______________________________________________
>>>>>>> keycloak-user mailing list
>>>>>>> keycloak-user at lists.jboss.org
>>>>>>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>>>>
>>>>>>
>>>>>>
>>>>>
>>>>
>>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20160419/84e81b9f/attachment-0001.html 