[keycloak-user] password policy | federation to AD
mj
lists at merit.unu.edu
Sat Aug 19 06:06:40 EDT 2017
Hi,
REALM federated to active directory, with password requirements like:
- required 1 uppercase
- required 1 digit
- required 1 lowercase
- required 1 special character
- min 8 characters
- cannot contain username
- max age 180 days
Now, when I logon keycloak, I am asked to change my password. Correct.
But when I provide a bad password like "123", I would expect keycloak to
say something like: "ERROR: this password does not meet the password
complexity requirements, please use ..." etc.
However, the only message I receive with a password like "xyz" is:
"Could not modify attribute for DN
[CN=username,CN=Users,DC=ad,DC=company,DC=com]"
So how is the user supposed to know what the configured password
requirements are..?
This is on keycloak 3.1.0 btw.
Advise?
MJ
More information about the keycloak-user
mailing list