ATM there is a fix in the latest Keycloak master. Among other improvements,
you can now configure in the admin console the name of the LDAP attribute
which is used as the username in Keycloak. So for AD, you can select
"sAMAccountName". I believe that this will help to have things working
in your environment. Please let me know if it helps.
On 20.6.2014 17:40, Dean Peterson wrote:
That sounds great, thanks!
On Fri, Jun 20, 2014 at 12:35 AM, Marek Posolda <mposolda(a)redhat.com
We already seem to have another person with a very similar use case
like you. I am working on it and will let you know.
On 19.6.2014 20:29, Dean Peterson wrote:
> I am trying to get LDAP to work and it seems the query in
> PicketLink's LDAPIdentityStore.java on line 186 uses id or uid to
> find the user in an Active Directory. Our Active Directory
> stores the username as the property sAMAccountName. I believe
> this prevents Keycloak's new LDAP integration from working. Am I
> missing something?
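
The mismatch discussed in this thread, as an added example that is not from the thread and is not Keycloak or PicketLink code: a lookup filter built on `uid` matches nothing against an AD-style entry that only carries `sAMAccountName`, while the same lookup with a configurable username attribute finds it. The function names, the sample entry and the `person` object class are assumptions made for illustration.

```python
import re

# RFC 4515 filter-value escapes: backslash, '*', '(', ')' and NUL.
_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}
_ATTR_NAME = re.compile(r"[A-Za-z][A-Za-z0-9-]*\Z")

# Constructed sample entry shaped like an Active Directory user: no uid attribute.
SAMPLE_ENTRIES = [{
    "dn": "CN=Dean Example,OU=Staff,DC=corp,DC=example",
    "attrs": {"objectClass": ["top", "person", "user"],
              "cn": ["Dean Example"],
              "sAMAccountName": ["dexample"]},
}]

def escape_filter_value(value):
    """Escape a username so it is matched literally inside a filter."""
    return "".join(_ESCAPES.get(ch, ch) for ch in value)

def user_filter(username, username_attr="uid", object_class="person"):
    """Build the lookup filter; username_attr is the configurable part (hypothetical helper)."""
    if not _ATTR_NAME.match(username_attr):
        raise ValueError("invalid LDAP attribute name: %r" % username_attr)
    return "(&(objectClass=%s)(%s=%s))" % (
        object_class, username_attr, escape_filter_value(username))

def find_user(entries, username, username_attr="uid", object_class="person"):
    """Simplified stand-in for the directory's equality match (case-insensitive)."""
    hits = []
    for entry in entries:
        attrs = {k.lower(): [v.lower() for v in vals]
                 for k, vals in entry["attrs"].items()}
        if (object_class.lower() in attrs.get("objectclass", [])
                and username.lower() in attrs.get(username_attr.lower(), [])):
            hits.append(entry["dn"])
    return hits

if __name__ == "__main__":
    for attr in ("uid", "sAMAccountName"):
        print(user_filter("dexample", attr), "->",
              find_user(SAMPLE_ENTRIES, "dexample", attr))
```

Validating the configured attribute name and escaping the username keeps both the admin-supplied and the login-supplied parts of the filter from changing its structure.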