On 12/1/16 2:41 AM, Byte Flinger wrote:
I have set up a Keycloak with a PostgreSQL db and also included LDAP as user federation. I tried setting the firstName (mapped to cn attribute) to read-only but I realised that if one does that, you cannot create a user; trying to add a new user fails.
Fails where? In registration screen? Or admin console?
I expected that setting the attribute read-only meant the user is not able to change it on the account management page, however an admin should be able to do so (at least when creating the user, since that makes for a broken flow as you have to make it writable before creating a new user and then back to read-only again every time).
Read only means that you can't edit ldap. It will instead update local import.
Is this a bug? I have not tested registration but suspect that it won't work either.
Looks like a "feature" to me.
Bill