[keycloak-user] Create user from keycloak UI with FreeIPA backend

Marc Boorshtein marc.boorshtein at tremolosecurity.com
Sun Dec 4 10:55:20 EST 2016


The only way to create users in freeipa is to use their web API. The only
provisioning system I know of that does this is our own project openunison.
Here's the code for working g with the freeipa web services if you are
interested :

https://github.com/TremoloSecurity/OpenUnison/blob/master/unison/unison-services-freeipa/src/main/java/com/tremolosecurity/unison/freeipa/FreeIPATarget.java

On Sun, Dec 4, 2016, 8:48 AM James James <jreg2k at gmail.com> wrote:

> Thank for your answer.
>
> If i use freeipa as LDAP backend for keycloak, users who will register from
> the keycloak UI will be created in Freeipa to ?
>
> In my previous tests, every user I have created from the keycloak UI wasn't
> created in the FreeIPA. I was using FreeIPA as LDAP backend. Maybe my
> settings were bad.
>
> I can send some logs to help me troubleshooting.
>
> Regards.
>
> 2016-12-02 7:11 GMT+01:00 Stian Thorgersen <sthorger at redhat.com>:
>
> > It's impossible with the SSSD integration as SSSD is currently read-only.
> > You can however use FreeIPA as a backend with a LDAP user federation
> > provider instead.
> >
> > On 27 November 2016 at 17:56, James James <jreg2k at gmail.com> wrote:
> >
> >> Hello,
> >>
> >>
> >> I want to be able to create user in the FreeIPA backend from keycloak
> >> registration portal  .. is it possible ? For me it' impossible but I
> just
> >> want to be sure.
> >>
> >> http://lists.jboss.org/pipermail/keycloak-user/2016-June/006607.html
> >>
> >> https://keycloak.gitbooks.io/server-adminstration-guide/cont
> >> ent/topics/user-federation/sssd.html
> >>
> >> Regards.
> >>
> >> James Regis
> >> _______________________________________________
> >> keycloak-user mailing list
> >> keycloak-user at lists.jboss.org
> >> https://lists.jboss.org/mailman/listinfo/keycloak-user
> >>
> >
> >
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
-- 
Marc Boorshtein
CTO Tremolo Security
marc.boorshtein at tremolosecurity.com
(703) 828-4902
Twitter - @mlbiam / @tremolosecurity


More information about the keycloak-user mailing list