What you can do is:
- Create the user "temp-admin" and bootstrap Keycloak with him
- Log in to the admin console as "temp-admin" and create an LDAP federation provider in the master realm with syncRegistrations=true
- Create a new user "real-admin" and set the password for him. This one will be stored in LDAP now
- Log out as "temp-admin" and log in to the admin console as "real-admin"
- Delete "temp-admin".

The user "real-admin" is now stored in LDAP with his credentials and there is no admin user with credentials in Keycloak DB.

Is it sufficient for your use-case?

Marek
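
A check for the end state described in the reply above, written as an added example that is not part of the original thread or of Keycloak's own code. It assumes the input is the list of users holding the master realm's admin role, shaped like the admin REST API's UserRepresentation objects, where `federationLink` carries the ID of the federation provider a user was imported from. All IDs and the helper names `audit_admins` and `safe_to_delete` are constructed for illustration.

```python
import json

# Constructed ID of the LDAP federation provider created in the master realm.
LDAP_PROVIDER_IDS = {"ldap-provider-1"}

# Constructed sample: admin-role users before "temp-admin" is deleted.
BEFORE_CLEANUP = json.loads("""[
  {"id": "u1", "username": "temp-admin", "enabled": true},
  {"id": "u2", "username": "real-admin", "enabled": true,
   "federationLink": "ldap-provider-1"}
]""")

# Constructed sample: the same realm after the final "Delete" step.
AFTER_CLEANUP = [u for u in BEFORE_CLEANUP if u["username"] != "temp-admin"]


def audit_admins(admins, ldap_provider_ids):
    """Split admin accounts into LDAP-backed and locally stored ones."""
    federated, local = [], []
    for user in admins:
        link = user.get("federationLink")
        # A missing link, or a link to a provider that is not a known LDAP
        # provider, counts as local: nothing shows LDAP holds the credentials.
        if link in ldap_provider_ids:
            federated.append(user["username"])
        else:
            local.append(user["username"])
    return sorted(federated), sorted(local)


def safe_to_delete(username, admins, ldap_provider_ids):
    """True if removing `username` still leaves an enabled LDAP-backed admin."""
    remaining = [u for u in admins
                 if u["username"] != username and u.get("enabled")]
    federated, _ = audit_admins(remaining, ldap_provider_ids)
    return bool(federated)


if __name__ == "__main__":
    print("before:", audit_admins(BEFORE_CLEANUP, LDAP_PROVIDER_IDS))
    print("delete temp-admin?",
          safe_to_delete("temp-admin", BEFORE_CLEANUP, LDAP_PROVIDER_IDS))
    print("after:", audit_admins(AFTER_CLEANUP, LDAP_PROVIDER_IDS))
```

Running `safe_to_delete` before the last step guards against locking yourself out of the master realm when "real-admin" is disabled or not actually linked to the LDAP provider.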

On 11/07/16 06:41, Fabricio Milone wrote:

Hi,

We would like to be able to create the admin user using LDAP, so the credentials are not stored in Keycloak's database at all.

I think there is no way to achieve this at the moment. Do you think this is possible?

I'd like to create a feature request if you don't mind.

Regards
--
Fabricio Milone
Developer
