Hi,

right now users authenticated via LDAP are synced to keycloak database and they receive just default roles configured for particular realm (or realm applications). Other roles need to be done manually. Right now we don't have any support for sync LDAP groups or user memberships from LDAP. There is jira for it https://issues.jboss.org/browse/KEYCLOAK-630

Marek

On 13.11.2014 01:32, Lionel Orellana wrote:

Hi,

I am evaluating LDAP integration in version 1.1.0.Beta1. I don't see anything in the LDAP provider settings regarding groups. I was expecting something similar to the jboss ldap login module where there are settings to populate the user principal with roles from LDAP groups. Is there an alternative way to do this with Keycloak?

Thanks

Lionel.
_______________________________________________
keycloak-user mailing list
keycloak-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user