[keycloak-dev] Community driven documentation for unsupported LDAP vendors

Marek Posolda mposolda at redhat.com
Tue Jan 10 07:50:28 EST 2017

We support and test just with few known LDAP server vendors. However 
there are lots of questions from the community related to other various 
LDAP servers (eg. MSAD LDS, Samba4 AD, Novell eDirectory). There are 
also some community contributions. For example we have the user, who did 
the integration with MSAD LDS and he contributed the 
MSADLDSUserAccountControlStorageMapper for that.

I was thinking whether it's good to have community-driven documentation 
with the notes about how to integrate with various external LDAP 
servers. We will just add the sub-chapter like "LDAP server vendors 
specific configurations" to our LDAP documentation. At the beginning, we 
will add the Warning paragraph with the text like:

"These LDAP servers are not tested and officially supported by the 
Keycloak team. It is all driven by the community. So be aware that 
provided informations are not guaranteed to be 100% up-to-date."

And then paragraphs with the needed steps how to configure LDAP 
StorageProvider and mappers when you want to integrate with the 
particular LDAP vendor. For example something like this for MSAD LDS: 


More information about the keycloak-dev mailing list