[keycloak-user] Users (related to LDAP) are gone when I change the username

Marek Posolda mposolda at redhat.com
Tue Oct 10 08:08:17 EDT 2017


Thanks.

I see it probably doesn't work as you have email as username and "uid" 
is used as both username attribute and RDN attribute. When you're 
changing the email of a user in Keycloak, it is trying to change "uid" in 
LDAP, but that's not allowed.

I can imagine that things might work if you configure "mail" as 
"Username LDAP Attribute" and "uid" as "RDN LDAP Attribute", but you 
probably need to do some tricks with mappers and maybe implement your 
own LDAP mapper. If you don't manage to have this working, feel free to 
create a JIRA.

Marek


On 09/10/17 18:54, Celso Agra wrote:
> Thanks for your answer, Marek!
>
> Here are some of my configs. In addition, I put the same values in 
> username and e-mail.
>
> Here is my User Representation:
>
>     UserRepresentation user = new UserRepresentation();
>     user.setUsername(email);
>     user.setFirstName(firstName);
>     user.setLastName(lastName);
>     user.setEnabled(true);
>     user.setEmail(email);
>
>
> Best regards,
>
> Celso Agra
>
>
> 2017-10-09 10:37 GMT-03:00 Marek Posolda <mposolda at redhat.com>:
>
>     We didn't try to test this use-case though. But it may work as
>     long as things are configured correctly. Maybe I would re-create
>     the LDAP provider with the "Username LDAP attribute" set to
>     "mail", but the "RDN LDAP Attribute" to "uid". Is this the
>     configuration you're using?
>
>     If things still don't work, you can possibly create a JIRA.
>     Ideally with the details of the configuration of your LDAP
>     provider, realm (whether 'username as email' is enabled etc.) and
>     what LDAP users look like and how you expect them to look after.
>
>     Regards,
>     Marek
>
>
>     On 04/10/17 15:45, Celso Agra wrote:
>
>         Hi all,
>
>         I'm getting a strange behavior.
>
>         My LDAP (openldap) is configured as writable in my User
>         Federation. So, I can create a user from my Keycloak, but when
>         I change the username, the user disappears from my user list.
>
>         I checked the LDAP and the user is still there, with the 'old'
>         username. So, is there some way to change the username without
>         the user disappearing from the Keycloak user list?
>
>         This occurs because in my case, the username is the same as
>         the email. So, if the user changes email, I have to change the
>         username also.
>
>         I'm using version 3.0.0.Final
>
>
>         Best regards
>
>
>
>
>
>
> -- 
> ---
> *Celso Agra*
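
The provider configuration Marek suggests, written as an added example with the Keycloak admin client (not code from the thread or the Keycloak project). The connection details, realm name and credentials are placeholder assumptions, and as the thread says, this setup is untested and may still need mapper changes.

```java
import javax.ws.rs.core.Response;
import org.keycloak.admin.client.Keycloak;
import org.keycloak.admin.client.resource.RealmResource;
import org.keycloak.common.util.MultivaluedHashMap;
import org.keycloak.representations.idm.ComponentRepresentation;

public class LdapProviderSetup {

    // Builds an LDAP user federation provider where the login name and the RDN
    // are stored in different LDAP attributes.
    static ComponentRepresentation ldapProvider(String realmId) {
        MultivaluedHashMap<String, String> cfg = new MultivaluedHashMap<>();
        // Placeholder connection details (assumptions, not from the thread).
        cfg.putSingle("connectionUrl", "ldap://ldap.example.org:389");
        cfg.putSingle("usersDn", "ou=People,dc=example,dc=org");
        cfg.putSingle("bindDn", "cn=admin,dc=example,dc=org");
        cfg.putSingle("bindCredential", "CHANGE_ME");
        cfg.putSingle("authType", "simple");
        cfg.putSingle("vendor", "other");
        cfg.putSingle("editMode", "WRITABLE");
        cfg.putSingle("userObjectClasses", "inetOrgPerson, organizationalPerson");
        cfg.putSingle("uuidLDAPAttribute", "entryUUID");
        // The two settings discussed in the thread. With both set to "uid",
        // a username change becomes a write to the attribute naming the entry.
        cfg.putSingle("usernameLDAPAttribute", "mail");
        cfg.putSingle("rdnLDAPAttribute", "uid");

        ComponentRepresentation rep = new ComponentRepresentation();
        rep.setName("ldap");
        rep.setProviderId("ldap");
        rep.setProviderType("org.keycloak.storage.UserStorageProvider");
        rep.setParentId(realmId);
        rep.setConfig(cfg);
        return rep;
    }

    public static void main(String[] args) {
        Keycloak kc = Keycloak.getInstance("http://localhost:8080/auth",
                "master", "admin", "CHANGE_ME", "admin-cli");
        RealmResource realm = kc.realm("demo"); // hypothetical realm name
        String realmId = realm.toRepresentation().getId();
        Response resp = realm.components().add(ldapProvider(realmId));
        System.out.println("Create provider: HTTP " + resp.getStatus());
        resp.close();
        kc.close();
    }
}
```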



