Ya, this is quite hairy. You'll have to set the REQUIRED ACTION to
reset all credentials handled by the federation provider.
Unfortunately, you can now only set one required action per user :(
On 7/31/2014 3:05 PM, Marek Posolda wrote:
+1 for having it optional.
However if you remove LDAP UserFederationProvider, the users from LDAP
won't be able to login with their passwords until admin change them...
Marek
On 31.7.2014 16:09, Stian Thorgersen wrote:
> I think it should be optional.
>
> Someone may for example migrate from LDAP to using Keycloak. Once they've
migrated all apps they'll want to decommission the LDAP server, but they would still
want to keep the users.
>
> ----- Original Message -----
>> From: "Bill Burke" <bburke(a)redhat.com>
>> To: keycloak-dev(a)lists.jboss.org
>> Sent: Thursday, 31 July, 2014 3:05:31 PM
>> Subject: [keycloak-dev] delete users on federation removal?
>>
>> I'm assuming that if a UserFederationProvider is removed from a realm,
>> then all users imported from that provider should be deleted?
>>
>> --
>> Bill Burke
>> JBoss, a division of Red Hat
>>
http://bill.burkecentral.com
>> _______________________________________________
>> keycloak-dev mailing list
>> keycloak-dev(a)lists.jboss.org
>>
https://lists.jboss.org/mailman/listinfo/keycloak-dev
>>
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev(a)lists.jboss.org
>
https://lists.jboss.org/mailman/listinfo/keycloak-dev
_______________________________________________
keycloak-dev mailing list
keycloak-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-dev
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com