[keycloak-user] Can Keycloak simulate LDAP server?

Marek Posolda mposolda at redhat.com
Thu Oct 15 06:42:38 EDT 2015

In that case, I would likely use Keycloak with LDAP federation provider, 
which will point to some LDAP server in your environment. KC Federation 
provider needs to be declared with editMode "WRITABLE", so all users 
created through Keycloak will be synced to LDAP server as well including 
their password. Then the legacy product compatible just with LDAP will 
authenticate users against this LDAP server.


On 15/10/15 11:41, Valerij Timofeev wrote:
> Hi all,
> we are interested to know if it is possible to authenticate users of 
> pure LDAP client against Keycloak?
> Why? We are planning to migrate legacy user storage to Keycloak and 
> we'd like to avoid dead end if for example some product (e.g. SaaS) 
> does not support user authentication against Keycloak, but does 
> against standard LDAP server.
> If it is impossible, has anybody succeeded to implement reverted 
> direction of user federation synchronization (all users data from 
> Keycloak should be copied to a fresh LDAP server installation)?
> Answers to these questions may be decisive for the Keycloak usage in 
> our organization.
> Thank you in advance
> Valerij Timofeev
> Software Engineer
> Trusted Shops GmbH
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20151015/9b30e4a9/attachment.html 

More information about the keycloak-user mailing list