With only domain option I got and it doesn't work:
[sab@idm72 wildfly]$ ./bin/add-user-keycloak.sh -r master -u admin -p admin
--domain
Added 'admin' to
'/opt/wildfly/domain/configuration/keycloak-add-user.json',
restart server to load user
But with next option I got and it works:
sab@idm72 wildfly]$ ./bin/add-user-keycloak.sh -r master -u admin -p
admin --domain
--dc /opt/wildfly/domain/servers/idm-server-idm72/configuration/
Added 'admin' to '/opt/wildfly/
domain/servers/idm-server-idm72/configuration/keycloak-add-user.json',
restart server to load user
Are needed for domain both options?
On Tue, Apr 19, 2016 at 1:15 PM, Stian Thorgersen <sthorger(a)redhat.com>
wrote:
There's a domain option:
bin/add-user-keycloak.[sh|bat] -r master -u <username> -p <password>
--domain
On 19 April 2016 at 13:09, Andrej Prievalsky <ado.boj.83(a)gmail.com> wrote:
> Hi all,
>
> @Marek: I am using H2 database. I can't delete /opt/wildfly/standalone/data,
> because this folder is not present.
>
> But, for our domain mode we have to move created /opt/wildfly/standalone/
> configuration/keycloak-add-user.json to
> /opt/wildfly/domain/servers/{server-name}/configuration
> and after we could login to keycloak admin console.
>
> So in summary we have to in domain mode for create admin user:
> 1.) bin/add-user-keycloak.[sh|bat] -r master -u <username> -p <password>
> 2.) copy /opt/wildfly/standalone/configuration/keycloak-add-user.json to
> /opt/wildfly/domain/servers/{server-name}/configuration
> 3.) restart server
>
> Are this steps correctly and expected from your side?
>
>
>
> On Tue, Apr 19, 2016 at 8:40 AM, Andrej Prievalsky <ado.boj.83(a)gmail.com>
> wrote:
>
>> Thanks Marek, I will try your hint.
>> @Stian: I am trying login to Keycloak admin console.
>>
>> On Mon, Apr 18, 2016 at 1:59 PM, Stian Thorgersen <sthorger(a)redhat.com>
>> wrote:
>>
>>> Just to confirm are you trying to login to Keycloak admin console or
>>> WildFly console?
>>>
>>> On 18 April 2016 at 10:04, Andrej Prievalsky <ado.boj.83(a)gmail.com>
>>> wrote:
>>>
>>>> OK, but when we created user with add-user-keycloak.sh:
>>>>
>>>> [sab@idm69 wildfly]$ ./bin/add-user-keycloak.sh -r master -u admin -p
>>>> admin
>>>> Added 'admin' to
>>>> '/opt/wildfly/standalone/configuration/keycloak-add-user.json',
restart
>>>> server to load user
>>>>
>>>> After restart server, we can't login with admin user and password
>>>> admin.
>>>> We got Error message: Invalid username or password.
>>>>
>>>>
>>>> Can be problem on your side or in our setup and configuration?
>>>>
>>>> On Fri, Apr 15, 2016 at 3:25 PM, Stian Thorgersen
<sthorger(a)redhat.com
>>>> > wrote:
>>>>
>>>>> With server overlay use add-user-keycloak and restart the server
>>>>>
>>>>> On 15 April 2016 at 14:43, Andrej Prievalsky
<ado.boj.83(a)gmail.com>
>>>>> wrote:
>>>>>
>>>>>> Hi All,
>>>>>>
>>>>>> in setup Wildfly-10 in domain mode + keycloak-overlay-1.9.2.Final
I
>>>>>> tried to create Admin User in two ways like in guide:
>>>>>>
>>>>>> 1.) via bin/add-user.[sh|bat] -r master -u <username> -p
<password>
>>>>>> I got this ERROR:
>>>>>>
>>>>>> *[sab@idm69 wildfly]$ ./bin/add-user.sh -r master -u admin -p
>>>>>> tmo46713*
>>>>>>
>>>>>>
>>>>>>
>>>>>> ** Error **
>>>>>>
>>>>>> *WFLYDM0065: The user supplied realm name 'master' does
not match
>>>>>> the realm name discovered from the property file(s)
'ManagementRealm'.*
>>>>>>
>>>>>>
>>>>>>
>>>>>> *Exception in thread "main"
>>>>>>
org.jboss.as.domain.management.security.adduser.AddUserFailedException:
>>>>>> WFLYDM0065: The user supplied realm name 'master' does
not match the realm
>>>>>> name discovered from the property file(s)
'ManagementRealm'.*
>>>>>>
>>>>>> * at
>>>>>>
org.jboss.as.domain.management.security.adduser.ErrorState.execute(ErrorState.java:72)*
>>>>>>
>>>>>> * at
>>>>>>
org.jboss.as.domain.management.security.adduser.AddUser.run(AddUser.java:130)*
>>>>>>
>>>>>> * at
>>>>>>
org.jboss.as.domain.management.security.adduser.AddUser.main(AddUser.java:223)*
>>>>>>
>>>>>> * at sun.reflect.NativeMethodAccessorImpl.invoke0(Native
>>>>>> Method)*
>>>>>>
>>>>>> * at
>>>>>>
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)*
>>>>>>
>>>>>> * at
>>>>>>
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)*
>>>>>>
>>>>>> * at java.lang.reflect.Method.invoke(Method.java:497)*
>>>>>>
>>>>>> * at org.jboss.modules.Module.run(Module.java:329)*
>>>>>>
>>>>>> * at org.jboss.modules.Main.main(Main.java:507)*
>>>>>>
>>>>>>
>>>>>> 2.) via bin/add-user-keycloak.[sh|bat] -r master -u
<username> -p
>>>>>> <password>
>>>>>>
>>>>>> User was created under standalone path.
>>>>>>
>>>>>>
>>>>>> Thanks and Best Regards
>>>>>>
>>>>>> Andrej.
>>>>>>
>>>>>>
>>>>>>
>>>>>> On Thu, Mar 3, 2016 at 7:18 PM, Stian Thorgersen <
>>>>>> sthorger(a)redhat.com> wrote:
>>>>>>
>>>>>>> Please read the documentation it explains it all
>>>>>>>
http://keycloak.github.io/docs/userguide/keycloak-server/html/server-inst...
>>>>>>>
>>>>>>> On 3 March 2016 at 16:24, Andrej Prievalsky
<ado.boj.83(a)gmail.com>
>>>>>>> wrote:
>>>>>>>
>>>>>>>> Hi all,
>>>>>>>>
>>>>>>>> 1.) meantime I tried on keycloak-overlay-1.7.0.Final via
>>>>>>>> add-user-keycloak.sh script in wildfly domain mode create
Admin user and I
>>>>>>>> got:
>>>>>>>>
>>>>>>>> [root@keycloakoverlay /opt/wildfly/bin]$
./add-user-keycloak.sh
>>>>>>>> -u admin -p admin
>>>>>>>> Added 'admin' to '
>>>>>>>>
*/opt/wildfly/standalone/configuration/keycloak-add-user.json*',
>>>>>>>> restart server to load user
>>>>>>>>
>>>>>>>> Is it correct, that user is created in standalone path?
>>>>>>>>
>>>>>>>>
>>>>>>>>
----------------------------------------------------------------------------
>>>>>>>>
>>>>>>>> 2.) can I in version 1.7.0.Final create or replace Admin
user for
>>>>>>>> Master realm with permanent password, which could be
created automatically
>>>>>>>> via command line and not needed change password manually
after first login?
>>>>>>>>
>>>>>>>> Thanks,
>>>>>>>> Andrej.
>>>>>>>>
>>>>>>>>
>>>>>>>> On Thu, Mar 3, 2016 at 1:50 PM, Stian Thorgersen <
>>>>>>>> sthorger(a)redhat.com> wrote:
>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> On 3 March 2016 at 13:48, Stan Silvert
<ssilvert(a)redhat.com>
>>>>>>>>> wrote:
>>>>>>>>>
>>>>>>>>>> On 3/3/2016 12:09 AM, Stian Thorgersen wrote:
>>>>>>>>>>
>>>>>>>>>> The standard add-user script adds WildFly users,
we want the
>>>>>>>>>> standard script to add Keycloak users. It's a
Keycloak server after all.
>>>>>>>>>>
>>>>>>>>>> You still need WildFly users if you want to use
CLI (remotely)
>>>>>>>>>> or web console. As far as I know, we can't
secure those things with
>>>>>>>>>> Keycloak yet.
>>>>>>>>>>
>>>>>>>>>
>>>>>>>>> In the future we will secure it with Keycloak, in the
mean time
>>>>>>>>> the add-user has a '--container' option.
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> There are workarounds, but I'm just saying,
WildFly add-user.sh
>>>>>>>>>> is a useful tool that we might want to still ship
in some form until such
>>>>>>>>>> time that CLI and web console is fully integrated
with Keycloak.
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> On 2 March 2016 at 20:00, Stan Silvert
<ssilvert(a)redhat.com>
>>>>>>>>>> wrote:
>>>>>>>>>>
>>>>>>>>>>> On 3/2/2016 1:50 PM, Stian Thorgersen wrote:
>>>>>>>>>>>
>>>>>>>>>>> Not a chance. In server dist we want to hide
WildFly's add-user
>>>>>>>>>>> script.
>>>>>>>>>>>
>>>>>>>>>>> I could guess, but I have to ask, why?
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> On 2 March 2016 at 14:12, Stan Silvert
<ssilvert(a)redhat.com>
>>>>>>>>>>> wrote:
>>>>>>>>>>>
>>>>>>>>>>>> On 3/2/2016 7:02 AM, Stian Thorgersen
wrote:
>>>>>>>>>>>>
>>>>>>>>>>>> In overlay the script should be
add-user-keycloak. The overlay
>>>>>>>>>>>> adds Keycloak server to an existing
WildFly installation so we don't want
>>>>>>>>>>>> to overwrite any existing files. I
appreciate this may be confusing and
>>>>>>>>>>>> inconsistent, but at the same time if we
did overwrite people would
>>>>>>>>>>>> probably complain about us overwriting
the existing script.
>>>>>>>>>>>>
>>>>>>>>>>>> In the server dist this doesn't apply
as the server is purely
>>>>>>>>>>>> a Keycloak server, not a WildFly server.
>>>>>>>>>>>>
>>>>>>>>>>>> I guess the solution would be to make
server dist consistent
>>>>>>>>>>>> with overlay, so both are
add-user-keycloak. Not sure how I feel about
>>>>>>>>>>>> that.
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>> On 2 March 2016 at 11:10, Bruno Oliveira
<bruno(a)abstractj.org>
>>>>>>>>>>>> wrote:
>>>>>>>>>>>>
>>>>>>>>>>>>> I'm not sure if I follow your
question but './add-user.sh -u
>>>>>>>>>>>>> admin -p admin' or
'./add-user.sh -u admin' should work.
>>>>>>>>>>>>>
>>>>>>>>>>>>> On Wed, Mar 2, 2016 at 7:03 AM Andrej
Prievalsky <
>>>>>>>>>>>>> ado.boj.83(a)gmail.com> wrote:
>>>>>>>>>>>>>
>>>>>>>>>>>>>> Hi Bruno,
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> thanks for answer.
>>>>>>>>>>>>>> But from
>>>>>>>>>>>>>>
http://keycloak.github.io/docs/userguide/keycloak-server/html/server-inst...
>>>>>>>>>>>>>> and section: *...you can use the
add-user script from the
>>>>>>>>>>>>>> command-line.*
>>>>>>>>>>>>>> is my question is how exactly
should looks like command with
>>>>>>>>>>>>>> add-user script?
>>>>>>>>>>>>>> Because in past we used this
command: add-user.sh
>>>>>>>>>>>>>> –container -u admin -p admin
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> Andrej.
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> On Wed, Mar 2, 2016 at 10:38 AM,
Bruno Oliveira <
>>>>>>>>>>>>>> bruno(a)abstractj.org> wrote:
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> Hi Andrej, answers inline
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> On Wed, Mar 2, 2016 at 6:13
AM Andrej Prievalsky <
>>>>>>>>>>>>>>> ado.boj.83(a)gmail.com>
wrote:
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> Hi,
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> I would like to summary
information about How to add Admin
>>>>>>>>>>>>>>>> User - chapter 3.2.1.
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> My questions are:
>>>>>>>>>>>>>>>> 1.) From which version
(including) is new concept, that
>>>>>>>>>>>>>>>> there is no built in
user?
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> 1.8.0 See:
>>>>>>>>>>>>>>>
http://keycloak.github.io/docs/userguide/keycloak-server/html/Migration_f...
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> 2a.) What is exact
command via add-user script
>>>>>>>>>>>>>>>> (add-user.sh) for create
admin user ?
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> See:
>>>>>>>>>>>>>>>
http://keycloak.github.io/docs/userguide/keycloak-server/html/server-inst...
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> 2b.) Same question like
in 2a, but in keycloak-overlay (
>>>>>>>>>>>>>>>> add-user-keycloak.sh)?
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> You are correct. Maybe this
is an inconsistency to be
>>>>>>>>>>>>>>> fixed.
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> Thanks and Best Regards,
>>>>>>>>>>>>>>>> Andrej.
>>>>>>>>>>>>>>>>
_______________________________________________
>>>>>>>>>>>>>>>> keycloak-user mailing
list
>>>>>>>>>>>>>>>>
keycloak-user(a)lists.jboss.org
>>>>>>>>>>>>>>>>
https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>
_______________________________________________
>>>>>>>>>>>>> keycloak-user mailing list
>>>>>>>>>>>>> keycloak-user(a)lists.jboss.org
>>>>>>>>>>>>>
https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
_______________________________________________
>>>>>>>>>>>> keycloak-user mailing
listkeycloak-user@lists.jboss.orghttps://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
_______________________________________________
>>>>>>>>>>>> keycloak-user mailing list
>>>>>>>>>>>> keycloak-user(a)lists.jboss.org
>>>>>>>>>>>>
https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>
>>>>>>>>> _______________________________________________
>>>>>>>>> keycloak-user mailing list
>>>>>>>>> keycloak-user(a)lists.jboss.org
>>>>>>>>>
https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>>
>>>>>
>>>>
>>>
>>
>