<html>
<head>
<meta content="text/html; charset=windows-1252"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<div class="moz-cite-prefix">What you can do is:<br>
- Create the user "temp-admin" and bootstrap Keycloak with him<br>
- Login to admin console as "temp-admin" and create LDAP
federation provider in master realm with syncRegistrations=true<br>
- Create new user "real-admin" and set the password for him. This
one will be stored in LDAP now<br>
- Logout as "temp-admin" and login to admin console as
"real-admin"<br>
- Delete "temp-admin" . <br>
<br>
The user "real-admin" is now stored in LDAP with his credentials
and there is no admin user with credentials in Keycloak DB. <br>
<br>
Is it sufficient for your use-case?<br>
<br>
Marek<br>
<br>
On 11/07/16 06:41, Fabricio Milone wrote:<br>
</div>
<blockquote
cite="mid:CAOjtoUNGJUTt=6E0gbpXq+nwnS3gBu0xHk7OB9EnTM_jcctZ8w@mail.gmail.com"
type="cite">
<div dir="ltr"><br clear="all">
<div>Hi,</div>
<div><br>
</div>
<div>We would like to be able to create the admin user using
LDAP, so the credentials are not stored in Keycloak's database
at all.</div>
<div><br>
</div>
<div>I think there is no way to achieve this at the moment,
would you think this is possible? </div>
<div><br>
</div>
<div>I'd like to create a feature request if you don't mind.</div>
<div><br>
</div>
<div>Regards</div>
-- <br>
<div class="gmail_signature" data-smartmail="gmail_signature">
<div dir="ltr">
<div><span
style="font-size:12.8px;font-family:Verdana,Arial,Helvetica,sans-serif"><b><font
color="#000000">Fabricio Milone</font></b></span></div>
<div><span
style="font-size:12.8px;font-family:Verdana,Arial,Helvetica,sans-serif"><font
color="#000000">Developer</font></span></div>
<span
style="font-size:12.8px;font-family:Verdana,Arial,Helvetica,sans-serif"><b><font
color="#009900">
<div><span
style="font-size:12.8px;font-family:Verdana,Arial,Helvetica,sans-serif"><b><font
color="#009900"><br>
</font></b></span></div>
Shine Consulting </font></b></span><span
style="font-size:12.8px;font-family:Verdana,Arial,Helvetica,sans-serif">
<p style="font-size:13.3px;color:rgb(0,153,0);margin:0pt"><span
style="color:rgb(0,0,0)">30/600 Bourke Street</span></p>
<p style="font-size:13.3px;color:rgb(0,153,0);margin:0pt"><span
style="color:rgb(0,0,0)">Melbourne VIC 3000</span></p>
<p style="font-size:13.3px;color:rgb(0,153,0);margin:0pt"><span
style="color:rgb(0,0,0)">T: 03 8488 9939</span></p>
<p style="font-size:13.3px;color:rgb(0,153,0);margin:0pt"><span
style="color:rgb(0,0,0)">M: 04 3200 4006</span></p>
<p style="font-size:13.3px;color:rgb(0,153,0);margin:0pt"><span
style="color:rgb(0,0,0)"><br>
</span></p>
</span><span
style="font-size:13.3px;font-family:Verdana,Arial,Helvetica,sans-serif"><span
style="font-size:13.3px">
<p style="margin:0pt"><a moz-do-not-send="true"
href="http://www.shinetech.com/"
style="color:rgb(51,51,51)" target="_blank">www.shinetech.com</a><font
color="#333333"> </font><i
style="color:rgb(51,51,51)"><b>a</b></i><font
color="#333333"> passion for excellence</font></p>
</span></span></div>
</div>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
keycloak-user mailing list
<a class="moz-txt-link-abbreviated" href="mailto:keycloak-user@lists.jboss.org">keycloak-user@lists.jboss.org</a>
<a class="moz-txt-link-freetext" href="https://lists.jboss.org/mailman/listinfo/keycloak-user">https://lists.jboss.org/mailman/listinfo/keycloak-user</a></pre>
</blockquote>
<br>
</body>
</html>