Not expected. It should work and our tests are passing. Looks like some
mis-configuration or something. We have an example in keycloak-examples
distribution called "ldap" . Here you can see some example how can LDAP
role be configured (no example for group-mapper yet, but it's quite
similar to role mapper)
Marek
On 26/09/17 12:04, Tiemen Ruiten wrote:
Hello,
I'm testing with the following setup:
In our Active Directory, which is federated to Keycloak, we have a
container with 'access' groups (groups that are used to give access to
certain applications, akin to Keycloak roles) and a container for 'user'
groups (eg. sales, it, marketing etc.). Users are always only direct
members of a user group. The access groups can only have user groups as
members, never users.
In Keycloak, I have created two LDAP-group-mappers for both containers, but
unfortunately, none of the user groups show any members. Is this expected?
Using Keycloak 3.2.1 Final.