<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40"><head><meta http-equiv=Content-Type content="text/html; charset=us-ascii"><meta name=Generator content="Microsoft Word 12 (filtered medium)"><!--[if !mso]><style>v\:* {behavior:url(#default#VML);}
o\:* {behavior:url(#default#VML);}
w\:* {behavior:url(#default#VML);}
.shape {behavior:url(#default#VML);}
</style><![endif]--><style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Tahoma;
panose-1:2 11 6 4 3 5 4 4 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0cm;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri","sans-serif";}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
p.MsoAcetate, li.MsoAcetate, div.MsoAcetate
{mso-style-priority:99;
mso-style-link:"Balloon Text Char";
margin:0cm;
margin-bottom:.0001pt;
font-size:8.0pt;
font-family:"Tahoma","sans-serif";}
p.MsoListParagraph, li.MsoListParagraph, div.MsoListParagraph
{mso-style-priority:34;
margin-top:0cm;
margin-right:0cm;
margin-bottom:0cm;
margin-left:36.0pt;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri","sans-serif";}
span.EmailStyle17
{mso-style-type:personal-compose;
font-family:"Calibri","sans-serif";
color:windowtext;}
span.BalloonTextChar
{mso-style-name:"Balloon Text Char";
mso-style-priority:99;
mso-style-link:"Balloon Text";
font-family:"Tahoma","sans-serif";}
.MsoChpDefault
{mso-style-type:export-only;}
@page WordSection1
{size:612.0pt 792.0pt;
margin:72.0pt 72.0pt 72.0pt 72.0pt;}
div.WordSection1
{page:WordSection1;}
/* List Definitions */
@list l0
{mso-list-id:184251516;
mso-list-type:hybrid;
mso-list-template-ids:-849169876 336134159 336134169 336134171 336134159 336134169 336134171 336134159 336134169 336134171;}
@list l0:level1
{mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-18.0pt;}
ol
{margin-bottom:0cm;}
ul
{margin-bottom:0cm;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="2050" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]--></head><body lang=EN-NZ link=blue vlink=purple><div class=WordSection1><p class=MsoNormal>Hi,<o:p></o:p></p><p class=MsoNormal>Does the user group work with the Client Roles realm-management? I created a realm admin user group that has role mapped to realm-admin in realm-management Client Roles. Then I assigned a user to the group. When the user logged in the realm, the user doesn’t have access to the requested resource.<o:p></o:p></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal>Steps (screenshots attached):<o:p></o:p></p><p class=MsoListParagraph style='text-indent:-18.0pt;mso-list:l0 level1 lfo1'><![if !supportLists]><span style='mso-list:Ignore'>1.<span style='font:7.0pt "Times New Roman"'> </span></span><![endif]>Create a realm admin user group, go to Role Mapping tab, choose realm-management from Client Roles drop down list and assign realm-admin <o:p></o:p></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal><img width=864 height=486 id="Picture_x0020_3" src="cid:image002.jpg@01D132A2.76B79AD0"><o:p></o:p></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoListParagraph style='text-indent:-18.0pt;mso-list:l0 level1 lfo1'><![if !supportLists]><span style='mso-list:Ignore'>2.<span style='font:7.0pt "Times New Roman"'> </span></span><![endif]>Create a user and assign it to the user group<o:p></o:p></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal><img width=862 height=486 id="Picture_x0020_4" src="cid:image005.jpg@01D132A2.76B79AD0"><o:p></o:p></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoListParagraph style='text-indent:-18.0pt;mso-list:l0 level1 lfo1'><![if !supportLists]><span style='mso-list:Ignore'>3.<span style='font:7.0pt "Times New Roman"'> </span></span><![endif]>User log in to the realm but can’t access the realm admin<o:p></o:p></p><p class=MsoNormal><img width=876 height=492 id="Picture_x0020_5" src="cid:image009.jpg@01D132A2.76B79AD0"><o:p></o:p></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal><!--[if gte vml 1]><v:shapetype id="_x0000_t75" coordsize="21600,21600" o:spt="75" o:preferrelative="t" path="m@4@5l@4@11@9@11@9@5xe" filled="f" stroked="f">
<v:stroke joinstyle="miter" />
<v:formulas>
<v:f eqn="if lineDrawn pixelLineWidth 0" />
<v:f eqn="sum @0 1 0" />
<v:f eqn="sum 0 0 @1" />
<v:f eqn="prod @2 1 2" />
<v:f eqn="prod @3 21600 pixelWidth" />
<v:f eqn="prod @3 21600 pixelHeight" />
<v:f eqn="sum @0 0 1" />
<v:f eqn="prod @6 1 2" />
<v:f eqn="prod @7 21600 pixelWidth" />
<v:f eqn="sum @8 21600 0" />
<v:f eqn="prod @7 21600 pixelHeight" />
<v:f eqn="sum @10 21600 0" />
</v:formulas>
<v:path o:extrusionok="f" gradientshapeok="t" o:connecttype="rect" />
<o:lock v:ext="edit" aspectratio="t" />
</v:shapetype><v:shape id="Picture_x0020_6" o:spid="_x0000_s1026" type="#_x0000_t75" style='position:absolute;margin-left:0;margin-top:0;width:654pt;height:368.25pt;z-index:1;visibility:visible;mso-wrap-style:square;mso-wrap-distance-left:9pt;mso-wrap-distance-top:0;mso-wrap-distance-right:9pt;mso-wrap-distance-bottom:0;mso-position-horizontal:left;mso-position-horizontal-relative:text;mso-position-vertical:top;mso-position-vertical-relative:text'>
<v:imagedata src="cid:image010.png@01D132A1.8CC85E00" o:title="" />
<w:wrap type="square"/>
</v:shape><![endif]--><![if !vml]><img width=872 height=491 src="cid:image011.jpg@01D132A2.76B79AD0" align=left hspace=12 v:shapes="Picture_x0020_6"><![endif]><br clear=all><o:p></o:p></p><p class=MsoNormal><o:p> </o:p></p><table class=MsoNormalTable border=0 cellspacing=0 cellpadding=0 width="100%" style='width:100.0%'><tr><td valign=top style='padding:0cm 0cm 0cm 0cm'><div><p class=MsoNormal style='line-height:13.0pt'><span style='font-family:"Arial","sans-serif";color:#212121'>Ken Kong<o:p></o:p></span></p></div><div><p class=MsoNormal style='line-height:13.0pt'><span style='font-size:10.0pt;font-family:"Arial","sans-serif";color:#212121'>Senior Java Developer<o:p></o:p></span></p></div><div><p class=MsoNormal style='line-height:13.0pt'><span style='font-size:10.0pt;font-family:"Arial","sans-serif";color:#616162'>Invenco Group Limited<o:p></o:p></span></p></div><div><p class=MsoNormal style='line-height:13.0pt'><span style='font-size:10.0pt;font-family:"Arial","sans-serif";color:#616162;text-transform:uppercase'>O: +64 9 905 5661<o:p></o:p></span></p></div><div><p class=MsoNormal style='line-height:13.0pt'><span style='font-size:10.0pt;font-family:"Arial","sans-serif";color:#616162'><a href="mailto:Ken.Kong@invenco.com"><span style='color:blue'>Ken.Kong@invenco.com</span></a><o:p></o:p></span></p></div><div><p class=MsoNormal style='line-height:2.0pt'><span style='font-size:2.0pt;font-family:"Arial","sans-serif";color:#212121'><o:p> </o:p></span></p></div><div><p class=MsoNormal style='line-height:13.0pt'><b><span style='font-size:9.0pt;font-family:"Arial","sans-serif";color:#212121'><a href="http://www.invenco.com"><span style='color:blue'>www.invenco.com</span></a><o:p></o:p></span></b></p></div></td></tr><tr style='height:5.0pt'><td style='padding:0cm 0cm 0cm 0cm;height:5.0pt'></td></tr></table><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Times New Roman","serif";display:none'><o:p> </o:p></span></p><table class=MsoNormalTable border=1 cellspacing=0 cellpadding=0 width="100%" style='width:100.0%;border:none;border-top:solid #9E9E9E 1.0pt'><tr style='height:3.0pt'><td style='border:none;padding:0cm 0cm 0cm 0cm;height:3.0pt'></td></tr><tr style='height:3.0pt'><td style='border:none;padding:0cm 0cm 0cm 0cm;height:3.0pt'><table class=MsoNormalTable border=0 cellspacing=0 cellpadding=0 width="100%" style='width:100.0%'><tr><td width=300 valign=top style='width:225.0pt;padding:0cm 0cm 0cm 0cm'><div><p class=MsoNormal style='line-height:9.0pt'><b><span style='font-size:9.0pt;font-family:"Arial","sans-serif";color:#9E9E9E'>Disclaimer: This email is confidential and may be legally privileged. If you are not the intended recipient you must not use any of the information in it and must delete the email immediately.<o:p></o:p></span></b></p></div><div><p class=MsoNormal style='margin-bottom:12.0pt;line-height:9.0pt'><span style='font-size:9.0pt;font-family:"Arial","sans-serif";color:#9E9E9E'><br><br><o:p></o:p></span></p></div></td></tr></table></td></tr></table><p class=MsoNormal><o:p> </o:p></p></div></body></html>