feat: add group mapper to keycloak ldap backend
so we can assign groups in keycloak. Maybe search for an easier way to do this... Signed-off-by: Bert-Jan Fikse <bert-jan@whatwedo.ch>
This commit is contained in:
parent
912f1b99e8
commit
0b336aa8f8
GPG key ID:
C1E0AB516AC16D1A
1 changed files with 19 additions and 0 deletions
|
|
@ -159,6 +159,25 @@ keycloak_user_federations:
|
||||||
ldap.full.name.attribute: "displayName"
|
ldap.full.name.attribute: "displayName"
|
||||||
read.only: "false"
|
read.only: "false"
|
||||||
write.only: "true"
|
write.only: "true"
|
||||||
|
- name: "groups"
|
||||||
|
providerId: "group-ldap-mapper"
|
||||||
|
providerType: "org.keycloak.storage.ldap.mappers.LDAPStorageMapper"
|
||||||
|
config:
|
||||||
|
groups.dn: "ou=groups,dc=local,dc=test"
|
||||||
|
group.name.ldap.attribute: "cn"
|
||||||
|
group.object.classes: "groupOfNames"
|
||||||
|
membership.ldap.attribute: "member"
|
||||||
|
membership.attribute.type: "DN"
|
||||||
|
membership.user.ldap.attribute: "uid"
|
||||||
|
groups.ldap.filter: ""
|
||||||
|
mode: "LDAP_ONLY"
|
||||||
|
user.roles.retrieve.strategy: "LOAD_GROUPS_BY_MEMBER_ATTRIBUTE"
|
||||||
|
memberof.ldap.attribute: "memberOf"
|
||||||
|
mapped.group.attributes: ""
|
||||||
|
drop.non.existing.groups.during.sync: "false"
|
||||||
|
preserve.group.inheritance: "false"
|
||||||
|
ignore.missing.groups: "false"
|
||||||
|
groups.path: "/"
|
||||||
- name: "creation date"
|
- name: "creation date"
|
||||||
providerId: "user-attribute-ldap-mapper"
|
providerId: "user-attribute-ldap-mapper"
|
||||||
providerType: "org.keycloak.storage.ldap.mappers.LDAPStorageMapper"
|
providerType: "org.keycloak.storage.ldap.mappers.LDAPStorageMapper"
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue