[keycloak-user] another small enhancement request for MSAD password mapper
mj
lists at merit.unu.edu
Thu Jan 26 05:08:04 EST 2017
Hi Marek,
On 01/24/2017 11:47 AM, Marek Posolda wrote:
> Can you doublecheck this scenario on your side? Are you using latest
> Keycloak master?
So I double checked. We are using 2.5.0, NOT latest master, but it does
NOT work:
As soon as I check "user must change password on next logon", the MSAD
attribute pwdLastSet changes to 0. (that is correct, confirmed with an ldif)
However, keycloak tells me: invalid username or password. Removing the
checkbox sets pwdLastSet to -1, and the logon succeeds again.
Searching through jira, I don't see an explanation for the difference in
behaviour between 2.5.0 and 2.5.1. If I can find some time, I'll try
installing 2.5.1, to see if it works there...
MJ
More information about the keycloak-user
mailing list