[keycloak-dev] "Windows Security" pop up problem

Matthew Casperson matthew.casperson at autogeneral.com.au
Wed Jun 3 19:33:50 EDT 2015 

We authenticate against a Windows domain using LDAP (and not using
Kerberos).

In KeyCloak 1.2.0, this prompt now appears when users are asked to log in.
The problem is that this prompt automatically appends the domain to the
username, and I can't see any LDAP property that accepts the domain name.

We use the sAMAccountName property, which does not include the domain, and
looking at
https://msdn.microsoft.com/en-us/library/windows/desktop/ms677605(v=vs.85).aspx
I don't see any other property that will work with this prompt.

We might be able to use userPrincipalName, but none of our users have any
experience logging in with an email address, and I'd like to avoid the
training overhead of this if possible.

So my questions are:
1. Can I disable this prompt and use the standard keycloak form based login?
2. Is there an LDAP field that I can define in the keycloak LDAP federation
config that will accept a domain as part of the username?


​

-- 
*Matthew Casperson*
*Senior Front End Developer*
Technology, Space & Distribution
Auto & General Holdings Pty Ltd
P: 07) 3377 8751 (Direct: 3377 8751)
F: 07) 3377 8833

-- 


This email is sent by Auto & General Insurance Company Ltd, Auto & General Services Pty Ltd, Auto & General Holdings Pty Ltd or a related body corporate (Auto & General) and is for the intended addressee.
The views expressed in this email and attachments (email) reflect the views of the stated author but may not reflect views of Auto & General. This email is confidential and subject to copyright. 
It may be privileged. If you are not the intended addressee, confidentiality and privilege have not been waived and any use, interference with, or disclosure of this email is unauthorised. 
If you are not the intended addressee please immediately notify the sender and then delete the email. Auto & General does not warrant that this email is error or virus free.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-dev/attachments/20150604/a2834405/attachment-0001.html 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Screen Shot 2015-06-04 at 9.25.08 am.png
Type: image/png
Size: 23598 bytes
Desc: not available
Url : http://lists.jboss.org/pipermail/keycloak-dev/attachments/20150604/a2834405/attachment-0001.png

More information about the keycloak-dev mailing list