[keycloak-user] Active Directory

Christopher Davies christopher.james.davies at gmail.com
Tue Jun 21 04:21:33 EDT 2016


I am looking to use KeyCloak backed by an AD server.
Can I check a few things that I understand are correct.

1) Using the  User Federation SPI I import the following from
ActiveDirectory into the KeyCloak database : first name, surname, email,
username and password.
2) Password checks are made against the Keycloak database and not the
ActiveDirectory
system
3) Enabling kerberos authentication will allow me to do paswordless login
using my web browser from my windows box

Hope I am not to far from the mark

Chris
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20160621/11ebad36/attachment.html 


More information about the keycloak-user mailing list