Re: [keycloak-user] Issues with Keycloak and AD

Hello All, I have setup an instance of Keycloak 3 and connected it to AD. It is setup to sync users and is writeable edit mode. I also have Pasword Policy Hints enabled in the MSAD Account Controls mapper. I have user registration turned on in Keycloak. When I register a user in keycloak, it creates the user in a disabled state in AD, and prompts the user in keycloak to change the password they just set during account creation to activate the account. This then fails because AD is currently configured to enforce a minimum password age of one day. I am ok with the account being created disabled, but how do I get around the immediate 2nd password request? Thanks, Chuck _______________________________________________ keycloak-user mailing list keycloak-user(a)lists.jboss.org https://lists.jboss.org/mailman/listinfo/keycloak-user