[keycloak-user] Issue with LDAP federation import

pslegr pslegr at redhat.com
Mon Feb 13 07:41:59 EST 2017 


On 13.2.2017 13:23, harish jadhav wrote:
> Team,
> Can some one help on this please?
> ThanksHarish
>   
>
>      On Friday, February 10, 2017 9:47 PM, harish jadhav <harishjadhav1979 at yahoo.com> wrote:
>   
>
>   Hi Team,
>
> Thanks for immediate response. As both users are different persons and reside in different domain with different email id, I was expecting it to treat as different user and in fact objectguid will be different for both users. And as both users belong to same organisation, I can't use different realm also.
>
> Is there any workaround available for this?
>
> Thanks
> Harish
>
>
> --------------------------------------------
> On Fri, 2/10/17, Bill Burke <bburke at redhat.com> wrote:
>
>   Subject: Re: [keycloak-user] Issue with LDAP federation import
>   To: keycloak-user at lists.jboss.org
>   Date: Friday, February 10, 2017, 8:27 PM
>   
>   You can't have 2
>   users with same username.  The sync is pulling users
>   from 2nd federation provider, sees that its
>   already been imported (by
>   1st Federation
>   sync) and fails to import that user.
Imagine the use case, you are having 2 separate organizations, or 
recently handled separately
and you now want to migrate all users under the same domain.
It would be good to have a feature, which allows you to identify users - 
which failed and being able to
sync them manually afterwards or via semi-automated way - asking either
for
- migration of new userinfo under the existing username
- pulling the user info, but with changed username
however, this sounds like a completely new feature different from what 
original question was


>   
>   
>   On 2/10/17 9:32 AM, harish jadhav wrote:
>   > Hello Keycloak Team,
>   >
>   I am new to keycloak and trying to integrate with my
>   application. Just to do some kind of analysis, I have
>   started with LDAP import. I have two LDAP servers having
>   different domains say tkd.com and teckno.com respectively (
>   running at 172.16.11.100 and 172.16.12.100 respectively) and
>   I am able to import the users from both the directories. I
>   have created two LDAP federation in single realm.
>   >
>   >   However
>   one issue which I am facing is I am unable to import one
>   particular user by second federation - I have one user
>   having name ronny at tkd.com
>   with username Ronny in 172.16.11.100 and ronny at teckno.com
>   with same username Ronny in 172.16.12.100. The error I am
>   getting is
>   >
>   > User
>   'Ronny' is not updated during sync as he already
>   exists in Keycloak database but is not linked to federation
>   provider '1081bf4c-b54d-44db-b172-b229ae6aad4e'
>   > Can you please help on how to sync both
>   users as technically both users are different having
>   different email ids and domains.
>   > Thanks
>   in advance.
>   > ThanksHarish
>   >
>   _______________________________________________
>   > keycloak-user mailing list
>   > keycloak-user at lists.jboss.org
>   > https://lists.jboss.org/mailman/listinfo/keycloak-user
>   
>   _______________________________________________
>   keycloak-user mailing list
>   keycloak-user at lists.jboss.org
>   https://lists.jboss.org/mailman/listinfo/keycloak-user
>   
>
>     
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user

More information about the keycloak-user mailing list