Hi,

after "Synchronize all users" you should be able to see all users from LDAP, not just those which already authenticated in Keycloak. For your LDAP tree, I believe that Base DN should be "DC=acme,DC=com" and User DN should be "OU=acmeUsers,DC=acme,DC=com" . Please let me know if it helps.

Marek

On 4.11.2014 14:58, Patrick V. Madden wrote:

Hi,

Hope this doesn't post twice....

I am running a local 1.0.4.Final build on my local machine to do some testing.

I have a quick question regarding an Active Directory Realm that I am trying to configure. I am able to successfully test the connection and test authentication using Bind DN and Bind Credential and Connection URL.

I can connect via an external LDAP browser using same credential and browse the directory.

When I click Synchronize all users button it says it is successful. However, when I go back to search page I get nothing when I enter a username. When I click show all users it shows nothing. I was hoping it would show me a list of all users in the search tree based on my settings.

Lets assume my company is acme.com. When I look at browser it shows:

RootDSE
  +---DC=acme,DC=com
+---OU=acmeUsers

      +---CN=John Doe

          ---CN=Jane Doe

          ---CN=Joe Blow

I want the users to be in OU=acmeUsers,DC=acme,DC=com

And yes OU=acmeUsers is what I need...

So what would I put in for Base DN and User DN Suffix to get it to show a list of all users in the directory?

Or does it only show users that have logged into the Realm via a web app?

Hope this makes sense.

Regards,

Patrick Madden
Principal Design Engineer
Tom Sawyer Software

1997 El Dorado Avenue

Berkeley, CA 94707

Cell: +1 (845) 416-4629
E-mail: pmadden@tomsawyer.com
_______________________________________________
keycloak-user mailing list
keycloak-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user