[keycloak-user] Renaming a user in Keycloak does not change the user's DN when using LDAP federation provider

Monday, 22 February 2016

Hi,

Just checking if I have got this right. Our scenario is that we have set up an LDAP user
federation from Keycloak to Active Directory. We map the username in Keycloak to the
userPrincipalName attribute in MSAD.

As is common the full DN in MSAD starts with the username. E.g.
CN=edgar(a)info.nl,OU=Users,OU=Customers,DC=hf,DC=info,DC=nl

Now when I change the username from Keycloak I see that the userPrincipalName attribute is
updated, however the DN remains the same. If I look in the Keycloak source code it seems
indeed that a user DN is only set once on creation of the user (LDAPUtils#addUserToLDAP).

We would like renaming of the user in Keycloak to result in a renaming of the DN in
MSAD/LDAP as well. Shall I create a JIRA feature request for this?

cheers

Edgar

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

[keycloak-user] Renaming a user in Keycloak does not change the user's DN when using LDAP federation provider