On 17/11/16 11:10, cen wrote:
For question two, Keycloak uses h2 database by default which is
stored
locally in KC directory. But for production you probably don't want to
use that. You should configure Keycloak to use an external database and
backup that instead. You basically just modify standalone.xml and change
the KeycloakDS datasource to use the database of your choice.
+1 . Never use h2 in
production.
For LDAP, we didn't yet try to test the configuration like this. What we
do is, that the configured "Connection URL" is used as the property
"java.naming.provider.url" of the LDAP InitialContext. So if that is
supported by Java OOTB, then it works. Otherwise probably not. You can
doublecheck and possibly create JIRA with the example URLs of your AD DCs.
Thanks,
Marek
mj je 17. 11. 2016 ob 11:01 napisal:
> Hi all,
>
> We've just found keycloak, and are evaluating it. It's looking great so
> far! We have two questions.
>
> Question one:
> We are running three AD DCs, and would like to configure all three in
> keycloak, to get failover & redundancy.
> To do this, I have simply configured three comma-seperated DCs in the
> ldap URL field. Keycloak accepted this input, but I'm not sure that all
> three will be used...
> Is the above the way to provide multiple ldap servers to keycloak?
>
> Question two:
> How about backing up keycloak? We are running from an extracted tar.gz.
> If we keep backups of this keycloak-directory, is that enough? Does
> keycloak need to be shutdown at backup time?
>
> Best regards,
> MJ
> _______________________________________________
> keycloak-user mailing list
> keycloak-user(a)lists.jboss.org
>
https://lists.jboss.org/mailman/listinfo/keycloak-user
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user