[keycloak-user] LDAP user group membership not syncing

arbiterfwhim arbiterofwhim at gmail.com
Mon Oct 29 10:37:59 EDT 2018


Luiz Carlos wrote
> I'm trying to sync the LDAP groups into Keycloak but it doesn't update the
> membership if I add or remove it from a group in LDAP.
> -- 
> Luiz Carlos

Bumping this. I'm currently using Keycloak 3.2.1 and am having similar
issues with LDAP syncing. My main issue is that when a user is granted a new
role on the LDAP side, that user (on the Keycloak side) doesn't get updated
to have that role when running a full sync (manual or scheduled).

In order to sync these changes I have to delete the user(s) and then run an
LDAP sync. This re-adds the user(s), this time with their latest set of
roles. Unfortunately I haven't found any settings in the Keycloak admin
console that can fix this. A solution would be greatly appreciated.

- Whim


