Hi Marek,
Actually we tried that, but the it still doesn't work. Not even "
directAccessGrantsEnabled": true, value under realm.json.
We tried importing realm.json with "directAccessGrantsEnabled": true value
under clients section, it isnt working there too.
Would be great if someone could guide us what to do or may be what are
missing.
Thanks & regards
Kapil
On Thu, 31 Jan 2019, 17:59 Marek Posolda, <mposolda(a)redhat.com> wrote:
I suggest to try the export/import as I mentioned already. I hope
this can
give you a hint how the JSON should look like.
Regards,
Marek
On 31/01/2019 13:23, kapil joshi wrote:
On Thu, 31 Jan 2019, 17:53 kapil joshi, <kapilkumarjoshi001(a)gmail.com>
wrote:
> Hi Marek,
>
>
> Thanks for the reply, actually we see one ldaprealm.json in the LDAP
> integration with keycloak example. But even there we saw entries only for
> role-ldap-mapper.
>
> Can someone in your team provide a sample for hardcoded-ldap-mapper
>
> Thanks
> Kapil
>
>
> On 31 Jan 2019 17:21, "Marek Posolda" <mposolda(a)redhat.com> wrote:
>
> I am not sure about the JSON format from the top of my head. I suggest to
> create things manually in admin console, then export it to JSON, so you can
> see proper JSON format. See keycloak documentation for Export/Import for
> more details.
>
> Marek
>
> On 31/01/2019 07:19, kapil joshi wrote:
>
> Hi Marek,
>
> I was trying to import realm.json which contains following entry, to
> include hardcoded-ldap-mapper in keycloak, for realm-management role of
> manage-users, but its failing to import, can you give us a small example of
> such entry in realm.json which we can follow on.
>
> // snippet of realm.json
>
> * {*
> * "name": "administrator",*
> *"federationMapperType"**:
"hardcoded-ldap-role-mapper",*
> *"**federationProviderDisplayName"*
> * : "ldap", *
> * "subComponents": {},*
> * "config": {*
> * "role": [*
> * "realm-management.manage-users"*
> * ]*
> * }*
> * }*
>
>
> *Thanks *
> *Kapil*
>
> On Tue, Jan 29, 2019 at 2:38 PM kapil joshi <kapilkumarjoshi001(a)gmail.com>
> wrote:
>
>> Hi Marek,
>>
>> First of all thanks for your response, it works !!! . I tried mapping a
>> client role (i.e realm-management roles), few observations:
>> 1) I was not able to save the configuration was getting below attached
>> error message.
>> [image: image.png]
>>
>> But then i saw there is already a bug filed on this issue.
>> So applied the work around, and was able to get the client role added
>> for LDAP imported user.
>>
>> Thanks again,
>> Kapil
>>
>>
>>
>> On Tue, Jan 29, 2019 at 1:43 AM Marek Posolda <mposolda(a)redhat.com>
>> wrote:
>>
>>> Yes, this should be doable with hardcoded-ldap-role-mapper if I
>>> understand your use-case correctly (See tab "mappers" in the admin
console
>>> when you're on the page with the details of LDAP provider).
>>>
>>> Marek
>>>
>>> On 28/01/2019 10:24, kapil joshi wrote:
>>>
>>> Hi All,
>>>
>>> Can we assign realm-management client roles for users imported from LDAP in
>>> Keycloak.
>>> Currently we are trying to set up LDAP based user federation using by
>>> importing a realm.json, configured with LDAP related configuration. Have
>>> attached it to this email.
>>> Basically the requirement is when we login to the client using the LDAP
>>> credentials, the user should be able to access user-management and
>>> view-realm client(i.e accessing the admin console) from client side.
>>>
>>> Thanks
>>> Kapil
>>>
>>>
>>> _______________________________________________
>>> keycloak-user mailing
listkeycloak-user@lists.jboss.orghttps://lists.jboss.org/mailman/listinfo/keycloak-user
>>>
>>>
>>>
>
>