[keycloak-user] Admin user from LDAP server

Marek Posolda mposolda at redhat.com
Mon Jul 11 02:59:00 EDT 2016


What you can do is:
- Create the user "temp-admin" and bootstrap Keycloak with him
- Log in to the admin console as "temp-admin" and create an LDAP federation 
provider in the master realm with syncRegistrations=true
- Create a new user "real-admin" and set the password for him. This one 
will be stored in LDAP now
- Log out as "temp-admin" and log in to the admin console as "real-admin"
- Delete "temp-admin".

The user "real-admin" is now stored in LDAP with his credentials and 
there is no admin user with credentials in Keycloak DB.

Is it sufficient for your use-case?

Marek

On 11/07/16 06:41, Fabricio Milone wrote:
>
> Hi,
>
> We would like to be able to create the admin user using LDAP, so the 
> credentials are not stored in Keycloak's database at all.
>
> I think there is no way to achieve this at the moment, would you think 
> this is possible?
>
> I'd like to create a feature request if you don't mind.
>
> Regards
> -- 
> *Fabricio Milone*
> Developer
> Shine Consulting

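A check for the end state described in the reply above (every admin account backed by LDAP, none left local), written as an added example that is not part of the original thread or of Keycloak itself. It assumes the master-realm users have been exported as JSON shaped like Admin REST API user representations, where a federated user carries a `federationLink` field; the usernames, ids and provider id below are constructed.

```python
import json

# Constructed sample: master-realm users as user representations.
# "temp-admin" is the bootstrap account; ids and the provider id are made up.
SAMPLE_USERS = json.loads("""
[
  {"id": "u-1", "username": "temp-admin", "enabled": true},
  {"id": "u-2", "username": "real-admin", "enabled": true,
   "federationLink": "ldap-provider-1"},
  {"id": "u-3", "username": "old-admin", "enabled": false}
]
""")


def audit_local_admins(users, admin_usernames, ldap_provider_id):
    """Return findings for admin accounts not linked to the LDAP provider.

    users            -- list of user representation dicts
    admin_usernames  -- usernames known to hold the admin role (assumed input)
    ldap_provider_id -- id of the LDAP federation provider (assumed input)
    """
    admins = {name.lower() for name in admin_usernames}
    findings = []
    for user in users:
        name = (user.get("username") or "").lower()
        if name not in admins:
            continue
        link = user.get("federationLink")
        if link == ldap_provider_id:
            continue  # account is backed by the expected LDAP provider
        if link:
            reason = "linked to a different provider: " + link
        else:
            reason = "no federationLink, account lives in the Keycloak DB"
        # An enabled local admin can still log in; a disabled one is residue.
        severity = "high" if user.get("enabled", True) else "low"
        findings.append({"username": name, "severity": severity,
                         "reason": reason})
    # High-severity findings first, then alphabetical.
    return sorted(findings,
                  key=lambda f: (f["severity"] != "high", f["username"]))


if __name__ == "__main__":
    for finding in audit_local_admins(
            SAMPLE_USERS, ["temp-admin", "real-admin", "old-admin"],
            "ldap-provider-1"):
        print(finding)
```

An empty result after deleting "temp-admin" corresponds to the state described above; note that `federationLink` shows where the account is linked, so the LDAP provider's own settings still decide where password updates are written.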