[keycloak-user] ldap setup

Marek Posolda mposolda at redhat.com
Tue Jun 24 04:51:28 EDT 2014


ATM There is fix in latest Keycloak master . Among other improvements, 
you can now configure in admin console the name of LDAP attribute, which 
is used as username in Keycloak. So for AD, you can select 
"sAMAccountName" . I believe that this will help to have things working 
in your environment. Please let me know if it helps.


On 20.6.2014 17:40, Dean Peterson wrote:
> That sounds great, thanks!
> On Fri, Jun 20, 2014 at 12:35 AM, Marek Posolda <mposolda at redhat.com 
> <mailto:mposolda at redhat.com>> wrote:
>     We already seem to have other person with very similar usecase
>     like you. I am working on it and will let you know.
>     Marek
>     On 19.6.2014 20:29, Dean Peterson wrote:
>>     Hello,
>>     I am trying to get ldap to work and it seems the query in
>>     picketlink's LDAPIdentityStore.java on line 186 uses id or uid to
>>     find the user in an Active Directory.  Our Active Directory
>>     stores the username as the property sAMAccountName.  I believe
>>     this prevents keycloak's new ldap integration from working.  Am I
>>     missing something?
>>     _______________________________________________
>>     keycloak-user mailing list
>>     keycloak-user at lists.jboss.org  <mailto:keycloak-user at lists.jboss.org>
>>     https://lists.jboss.org/mailman/listinfo/keycloak-user

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20140624/2fb47fe3/attachment.html 

More information about the keycloak-user mailing list