[keycloak-user] Keycloak Identity Broker to LDAP User Storage?
A. A.
bland999 at hotmail.com
Sat Apr 13 02:04:20 EDT 2019
Actually, I've traced the source of my challenge I believe to this excellent analysis:
https://issues.jboss.org/browse/KEYCLOAK-4433?focusedCommentId=13364626&page=com.atlassian.jira.plugin.system.issuetabpanels%3Acomment-tabpanel#comment-13364626
In my case, I have a few attributes in OpenLDAP that have constraints associated with them (we are using the constraints overlay/extension provided by OpenLDAP). Those constraints prevent the creation of the "default" dummy object. I have confirmed that watching the logs: Keycloak first tries to create a dummy empty object, then moves forward with modifying the returned entry.
Is there a workaround to this? Or a configuration option that instead of create empty then modify, instead simply does create with full attributes?
More information about the keycloak-user
mailing list