[keycloak-user] Default Realm Roles Not Set When role-ldap-mapper is configured for AD

Adrian Matei adrianmatei at gmail.com
Wed Jun 7 07:22:53 EDT 2017


I forgot to mention - this is valid for both 2.5.1 and 3.1 Versions

Best regards,
Adrian

On Wed, Jun 7, 2017 at 1:11 PM, Adrian Matei <adrianmatei at gmail.com> wrote:

> Hi everyone,
>
> When I configure an LDAP Role Mapper for Active Directory the Default
> Roles of the Realm are not set anymore when a user registers himself or if
> I create one via the Keycloak Admin Console.
>
> Configuration:
>
> Mapper type: role-ldap-mapper
> LDAP Roles DN: subtree in AD
> Role LDAP Attribute: cn
> Role Object Classes: group
> Membership LDAP Attribute: member
> Membership Attribute Type: DN
> Membership User LDAP Attribute: uid
> Mode: LDAP_ONLY
> User Roles Retrieve Strategy: LOAD_ROLES_BY_MEMBER_Attribute
> Use Realm Roles Mapping: ON
>
>
> Does anyone have a solution, or should I create a Jira Issue for that?
>
> Best regards,
> Adrian
>
>


More information about the keycloak-user mailing list