[keycloak-user] Not able to create user if firstName is read-only
Bill Burke
bburke at redhat.com
Thu Dec 1 09:08:21 EST 2016
On 12/1/16 2:41 AM, Byte Flinger wrote:
> I have setup a keycloak with a PostgreSQL db and also included ldap as user
> federation. I tried setting the firstName (mapped to cn attribute) to
> read-only but I realised that if one does that, you cannot create a user,
> trying to add a new user fails.
Fails where? in registration screen? Or admin console?
> I expected that setting the attribute read-only meant the user is not able
> to change it on the account management page however an admin should be able
> to do so (at least when creating the user since that makes for a broken
> flow as you have to make it writable before creating a new user and than
> back to read-only again every time).
Read only means that you can't edit ldap. It will instead update local
import.
> Is this a bug? I have not tested registration but suspect that it won't
> work either.
Looks like a "feature" to me.
Bill
More information about the keycloak-user
mailing list