Hi,

ATM there is a fix in the latest Keycloak master. Among other improvements, you can now configure in the admin console the name of the LDAP attribute which is used as the username in Keycloak. So for AD, you can select "sAMAccountName". I believe that this will help to have things working in your environment. Please let me know if it helps.

Thanks,
Marek

On 20.6.2014 17:40, Dean Peterson wrote:
That sounds great, thanks!


On Fri, Jun 20, 2014 at 12:35 AM, Marek Posolda <mposolda@redhat.com> wrote:
We already seem to have another person with a use case very similar to yours. I am working on it and will let you know.

Marek


On 19.6.2014 20:29, Dean Peterson wrote:
Hello,  

I am trying to get LDAP to work and it seems the query in PicketLink's LDAPIdentityStore.java on line 186 uses id or uid to find the user in an Active Directory. Our Active Directory stores the username as the property sAMAccountName. I believe this prevents Keycloak's new LDAP integration from working. Am I missing something?


_______________________________________________
keycloak-user mailing list
keycloak-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user