To solve a similar problem I created my own login module that checks that the user exists in LDAP first. If this is so and the user doesn't exist in the portal DB, it creates it (with same username and password), using the user and roles module that you can get from JNDI. It also creates roles if needed. You can maybe use variations of this idea to solve LDAP-Portal integration problems. View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4012907#... Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...