11:58 p.m.
Hi Felipe,
this topic was discusses some time back on the user forum. Jira
KEYCLOAK-2141 <https://issues.jboss.org/browse/KEYCLOAK-2141> has some
background information on the issue you are facing. From what I can tell
one will have to change the attribute mapping on the LDAP user federation
provider to map email to a custom attribute (e.g. contact_email) and then
also change the email template to use that field for email distribution
instead.
Cheers,
Niels
On Thu, Jun 9, 2016 at 9:41 PM, Felipe Braun Azambuja <
felipe.braun(a)intelbras.com.br> wrote:
Hello all,
We have Keycloak connected to our Active Directory (read only),
everything working correctly, authenticating our employees. But there is
a case that is a little complicated.
When someone starts working here as a intern, the user has an employee
ID with four digits. If a person is a regular employee, it has five
digits. Windows login is made of the first 2 letters of the name, and
then the ID number, zero padded, as in *fe001173*. But there are times
that these interns are hired as employees, so the previous account is
*disabled* in AD and a new one is created.
The problem is that the e-mail address is the same. When this happens, I
can't even search the user in Keycloak admin interface, because it says
that it already has a user with the same e-mail. The old one is still
there, though; but if I go to its details, I can't change the e-mail
address, since it tries to sync it back to AD.
So far, the solution was changing it directly in the database and
restarting Keycloak, which is *not* a good thing to do.
Any thoughts on what we could do?
Thanks !
--
Felipe Braun Azambuja
DBA
Tecnologia da Informação e Comunicação
(48) 3281 9577
felipe.braun(a)intelbras.com.br
Esta mensagem, incluindo seus anexos, contém informações protegidas por
lei, sujeitas a privilégios e/ou confidencialidades, não podendo ser
retransmitida, arquivada, divulgada ou copiada sem autorização do
remetente. O remetente utiliza o correio eletrônico no exercício do seu
trabalho ou em razão dele, eximindo esta instituição de qualquer
responsabilidade por utilização indevida. Caso tenha recebido esta mensagem
por engano, por favor informe o remetente respondendo imediatamente a este
e-mail, e em seguida apague-a do seu computador.
The information contained in this e-mail and its attachments are protected
by law, subjected to privilege and/or confidentiality and cannot be
retransmitted, filed, disclosed or copied without authorization from the
sender. The sender uses the electronic mail in the exercise of his/her work
or by virtue thereof, and the institution accepts no liability from its
undue use. If you have received this message by mistake, please notify us
immediately by returning the e-mail and deleting this message from your
system.
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user