Hello,

I am using the LDAP Federation Provider to sync users from an AD server and keycloak (unidirectional AD => keycload).

For every newly imported user I want to auto-add one keycloak role. What is the recommended way to implement this?

Should I write a second Provider/ ProviderFactory and do a second sync run ?

Subclassing LDAPFederationProviderFactory doesn’t have the desired result, since the administration doesn’t show the ldap properties.

I can only assume, that there is some special treatment for the LDAPFederationProviderFactory (the buttons to check the connection indicate that).

Kind regards

Kevin Hirschmann

HUEBINET Informationsmanagement GmbH & Co. KG

----------------------------------------------------------------------------------------------------------------------------------------------------------------------

Der Nachrichtenaustausch mit HUEBINET Informationsmanagement GmbH & Co. KG, Koblenz via E-Mail dient lediglich zu Informationszwecken. Rechtsgeschäftliche Erklärungen mit verbindlichem Inhalt können über dieses Medium nicht ausgetauscht werden, da die Manipulation von E-Mails durch Dritte nicht ausgeschlossen werden kann.

Email communication with HUEBINET Informationsmanagement GmbH & Co. KG is only intended to provide information of a general kind, and shall not be used for any statement with binding contents in respect to legal relations. It is not totally possible to prevent a third party from manipulating emails and email contents.