[keycloak-user] Default Realm Roles Not Set When role-ldap-mapper is configured for AD

Marek Posolda mposolda at redhat.com
Wed Jun 7 16:15:39 EDT 2017


JIRA already exists for this issue :/ You can find it in KEYCLOAK 
project in component "Federation - LDAP". Feel free to add a vote.

Marek


On 07/06/17 13:22, Adrian Matei wrote:
> I forgot to mention - this is valid for both 2.5.1 and 3.1 Versions
>
> Best regards,
> Adrian
>
> On Wed, Jun 7, 2017 at 1:11 PM, Adrian Matei <adrianmatei at gmail.com> wrote:
>
>> Hi everyone,
>>
>> When I configure an LDAP Role Mapper for Active Directory the Default
>> Roles of the Realm are not set anymore when a user registers himself or if
>> I create one via the Keycloak Admin Console.
>>
>> Configuration:
>>
>> Mapper type: role-ldap-mapper
>> LDAP Roles DN: subtree in AD
>> Role LDAP Attribute: cn
>> Role Object Classes: group
>> Membership LDAP Attribute: member
>> Membership Attribute Type: DN
>> Membership User LDAP Attribute: uid
>> Mode: LDAP_ONLY
>> User Roles Retrieve Strategy: LOAD_ROLES_BY_MEMBER_Attribute
>> Use Realm Roles Mapping: ON
>>
>>
>> Does anyone have a solution, or should I create a Jira Issue for that?
>>
>> Best regards,
>> Adrian
>>
>>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user




More information about the keycloak-user mailing list