My only worry would be that we get more and more questions about various
LDAP vendors as well as PRs that has to be reviewed. There's also a fair
chance that PRs for a vendor we don't support can impact vendors we do
support.
I'd be happy with adding the section in the docs, but we should be slightly
careful about which vendors we list. They should be popular vendors that we
imagine we will potentially support at some point, rather than obscure old
things only used by a select few.
On 10 January 2017 at 13:50, Marek Posolda <mposolda(a)redhat.com> wrote:
We support and test just with few known LDAP server vendors. However
there are lots of questions from the community related to other various
LDAP servers (eg. MSAD LDS, Samba4 AD, Novell eDirectory). There are
also some community contributions. For example we have the user, who did
the integration with MSAD LDS and he contributed the
MSADLDSUserAccountControlStorageMapper for that.
I was thinking whether it's good to have community-driven documentation
with the notes about how to integrate with various external LDAP
servers. We will just add the sub-chapter like "LDAP server vendors
specific configurations" to our LDAP documentation. At the beginning, we
will add the Warning paragraph with the text like:
"These LDAP servers are not tested and officially supported by the
Keycloak team. It is all driven by the community. So be aware that
provided informations are not guaranteed to be 100% up-to-date."
And then paragraphs with the needed steps how to configure LDAP
StorageProvider and mappers when you want to integrate with the
particular LDAP vendor. For example something like this for MSAD LDS:
https://issues.jboss.org/browse/KEYCLOAK-4009?focusedCommentId=13333341&
page=com.atlassian.jira.plugin.system.issuetabpanels%
3Acomment-tabpanel#comment-13333341
Marek
_______________________________________________
keycloak-dev mailing list
keycloak-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-dev