Dear all,
I'm facing some issues with the Role Mapping of user accounts in Keycloak Server
(v1.7.0) which are imported from our Active Directory.
I configured the User Federation and added some Role Mappers to map AD groups to Realm
Roles.
The user accounts are imported from AD and the Groups are added as Realm Roles.
But the Roles are not assigned to the User Accounts inside Keycloak after the Import.
Finally I could break the issue down to the naming scheme in our Active Directory:
Our IT adds users as "CN=<LastName>, <FirstName>" and
"DN=<LastName>\, <FirstName>,OU=...,DC=...,DC=..."
The DN (with escaped comma) is also used as Group member attribute.
It seems that Keycloak has an issue with special characters in CN / DN.
Is there anything I can do in my current Keycloak instance, or does this need to be fixed in an
upcoming version of Keycloak?
BR, Hermann
____________________________
Hermann Kröner
Testing Engineer Security
Barco Control Rooms GmbH
Greschbachstrasse 5a
D - 76229 Karlsruhe
Telefon +49 721 6201 461
http://www.barco.com
mailto:hermann.kroener@barco.com
____________________________
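
The following is an added example, not part of the original message and not Keycloak code. It shows why a DN of the form described above breaks a plain split on commas, and how an escape-aware comparison (RFC 4514) still matches a user DN against group member values. The DNs are constructed samples; it assumes single-valued RDNs, no legacy quoted values, and case-insensitive matching.

```python
import string

def split_dn(dn):
    """Split a DN into RDN strings on unescaped commas only (RFC 4514)."""
    rdns, cur, i = [], "", 0
    while i < len(dn):
        if dn[i] == "\\" and i + 1 < len(dn):
            cur += dn[i:i + 2]      # keep the escape pair together
            i += 2
        elif dn[i] == ",":
            rdns.append(cur)        # an unescaped comma ends the RDN
            cur, i = "", i + 1
        else:
            cur += dn[i]
            i += 1
    return rdns + [cur]

def unescape(value):
    """Decode backslash escapes; hex pairs are UTF-8 bytes per RFC 4514."""
    out, i = bytearray(), 0
    while i < len(value):
        pair = value[i + 1:i + 3]
        if value[i] != "\\" or not pair:
            out += value[i].encode()
            i += 1
        elif len(pair) == 2 and all(c in string.hexdigits for c in pair):
            out.append(int(pair, 16))
            i += 3
        else:
            out += pair[0].encode()
            i += 2
    return out.decode("utf-8")

def normalize_dn(dn):
    """Canonical form for comparison: lower-cased type, unescaped case-folded value."""
    parts = []
    for rdn in split_dn(dn):
        attr, _, value = rdn.lstrip().partition("=")
        parts.append((attr.lower(), unescape(value).casefold()))
    return tuple(parts)

def is_member(user_dn, member_values):
    """True if any group member value names the same entry as user_dn."""
    target = normalize_dn(user_dn)
    return any(normalize_dn(m) == target for m in member_values)

# Constructed sample values, following the naming scheme in the message.
USER_DN = r"CN=Doe\, Jane,OU=Users,DC=example,DC=com"
MEMBERS = [r"CN=Roe\, Max,OU=Users,DC=example,DC=com",
           r"cn=Doe\2C Jane,ou=Users,dc=example,dc=com"]
```

`USER_DN.split(",")` yields five pieces and cuts the CN in half, while `split_dn(USER_DN)` yields the four real RDNs, and `is_member(USER_DN, MEMBERS)` matches the second entry even though it uses the hex escape and different letter case.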