[keycloak-user] Error enabling 'Sync Registrations' for LDAP (FreeIPA) User Federation
Marek Posolda
mposolda at redhat.com
Mon Jun 13 10:20:07 EDT 2016
On 13/06/16 15:47, Rafael T. C. Soares wrote:
>
> ___
> Rafael T. C. Soares
>
> On 06/13/2016 04:54 AM, Marek Posolda wrote:
>> The "Sync registration" doesn't work with LDAP provider configured
>> against FreeIPA.
>>
> Is this issue specific for FreeIPA? Is it supposed to work for other
> LDAP Impl and MS AD?
Yes, it should work for other LDAP Impl.
The FreeIPA is a bit special, as the registration of user needs to be
done properly through SSSD or something, not through calling LDAP API
directly. SSSD updates LDAP and do some other required things to have
user account in correct state. That's what FreeIPA CLI is doing as well
AFAIK.
Marek
>
> Thanks!
More information about the keycloak-user
mailing list