[keycloak-user] Issue with special character in CommonName / DistinguishedName from Active Directory

Kroener, Hermann Hermann.Kroener at barco.com
Mon Jan 18 07:59:12 EST 2016


Dear all,

I'm facing some issues with the Role Mapping of user accounts in Keycloak Server (v1.7.0) which are imported from our Active Directory.

I configured the User Federation and added some Role Mappers to map AD groups to Realm Roles.
The user accounts are imported from AD and the Groups are added as Realm Roles.

But the Roles are not assigned to the User Accounts inside Keycloak after the Import.

Finally I could break the issue down to the naming scheme in our Active Directory:

Our IT adds users as "CN=<LastName>, <FirstName>" and "DN=<LastName>\, <FirstName>,OU=...,DC=...,DC=..."
The DN (with escaped comma) is also used as Group member attribute.

It seems that Keycloak has an issue with special characters in CN / DN.

Is there anything I can do in my current Keycloak instance, or does this need to be fixed in an upcoming version of Keycloak?

BR, Hermann


____________________________
Hermann Kröner
Testing Engineer Security
Barco Control Rooms GmbH
Greschbachstrasse 5a
D - 76229 Karlsruhe
Telefon +49 721 6201 461
http://www.barco.com
mailto:hermann.kroener at barco.com
____________________________
Registered at 76229 Karlsruhe, Amtsgericht Mannheim, HRB 102241,
Management: Lutz Nehrhoff von Holderberg

This message is subject to the following terms and conditions: MAIL DISCLAIMER<http://www.barco.com/en/maildisclaimer>
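
The naming scheme described in the message above, as an added example (not part of the original post and not Keycloak's code): a DN whose CN contains an escaped comma has to be split and compared with RFC 4514 escaping in mind, or the value read from a group's member attribute will not line up with the user entry. The sample DNs are constructed, all function names are hypothetical, and multi-valued RDNs (`+`) are assumed not to occur.

```python
import re

# Constructed sample DNs (not from the post). Both name the same entry:
# RFC 4514 allows the comma in the CN to be escaped as "\," or as "\2C".
MEMBER_DN = r"CN=Doe\, John,OU=Users,DC=example,DC=com"
SAME_DN_HEX = r"cn=Doe\2C John,ou=Users,dc=example,dc=com"

def naive_rdns(dn):
    """Escape-unaware split: breaks the CN apart at its escaped comma."""
    return dn.split(",")

def split_rdns(dn):
    """Split a DN only on commas that are not preceded by a backslash."""
    parts, cur, i = [], [], 0
    while i < len(dn):
        if dn[i] == "\\" and i + 1 < len(dn):
            cur.append(dn[i:i + 2])  # keep the escape and its character together
            i += 2
            continue
        if dn[i] == ",":
            parts.append("".join(cur))
            cur = []
        else:
            cur.append(dn[i])
        i += 1
    parts.append("".join(cur))
    return parts

def unescape(value):
    """Undo RFC 4514 escaping; hex pairs are raw UTF-8 bytes."""
    out, i = bytearray(), 0
    while i < len(value):
        if value[i] == "\\" and i + 1 < len(value):
            pair = value[i + 1:i + 3]
            if re.fullmatch(r"[0-9A-Fa-f]{2}", pair):
                out += bytes.fromhex(pair)
                i += 3
            else:
                out += value[i + 1].encode()
                i += 2
        else:
            out += value[i].encode()
            i += 1
    return out.decode("utf-8")

def normalize(dn):
    """Comparable form: lower-cased attribute types, unescaped values."""
    pairs = (rdn.partition("=") for rdn in split_rdns(dn))
    return [(attr.strip().lower(), unescape(val)) for attr, _, val in pairs]
```

Comparing `normalize()` output instead of raw strings treats the `\,` and `\2C` spellings of the same DN as equal, which a plain string comparison does not.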