Re: [keycloak-user] Issues with Keycloak and AD

i have relevant question but different scenario. If i have configure ldap account with READ_ONLY mode and registration are off. Is there a way to create local users? I mean is there anyway to tell keycloak that it creates user in his database instead in ldap.

Regards, Nabeel Ahmed Cell # +92 333 540 5542 On Fri, Apr 21, 2017 at 6:42 PM, Charles Hardin <chardin(a)shadowforge-computing.com <mailto:chardin@shadowforge-computing.com>> wrote: 2016 On Fri, Apr 21, 2017 at 7:57 AM, Marek Posolda <mposolda(a)redhat.com <mailto:mposolda@redhat.com>> wrote: > I will try to reproduce that. What's your MSAD version btv? > > Thanks, > Marek > > > On 20/04/17 23:55, Charles Hardin wrote: > >> Hello All, >> >> I have setup an instance of Keycloak 3 and connected it to AD. It is setup >> to sync users and is writeable edit mode. I also have Pasword Policy Hints >> enabled in the MSAD Account Controls mapper. I have user registration >> turned on in Keycloak. >> >> When I register a user in keycloak, it creates the user in a disabled >> state >> in AD, and prompts the user in keycloak to change the password they just >> set during account creation to activate the account. This then fails >> because AD is currently configured to enforce a minimum password age of >> one >> day. >> >> I am ok with the account being created disabled, but how do I get around >> the immediate 2nd password request? >> >> Thanks, >> >> Chuck >> _______________________________________________ >> keycloak-user mailing list >> keycloak-user(a)lists.jboss.org <mailto:keycloak-user@lists.jboss.org> >> https://lists.jboss.org/mailman/listinfo/keycloak-user <https://lists.jboss.org/mailman/listinfo/keycloak-user> >> > > > _______________________________________________ keycloak-user mailing list keycloak-user(a)lists.jboss.org <mailto:keycloak-user@lists.jboss.org> https://lists.jboss.org/mailman/listinfo/keycloak-user <https://lists.jboss.org/mailman/listinfo/keycloak-user>