keycloak: user federation from ldap

  • Published on 20 Dec 2024

Comments

  • @martinsimon4215 2 years ago +3

    Hello, what if I need to connect to a customer LDAP where I don't have an admin account?

    • @computeriseasy 2 years ago

      Hello, if you have a standard installation of LDAP, you must have an admin. Through the admin account you can access and manage your whole LDAP tree.

    • @martinsimon4215 2 years ago +1

      @computeriseasy The LDAP is not my company's, it is the customer's LDAP, so they are not going to share an admin user with us. Does it need to be an admin, or can it be a regular user with a specific role (read-only, for instance)?

    • @computeriseasy 2 years ago

      @martinsimon4215 I have not done it, but it must be possible. To allow another, non-admin user to do this, create a new role, add the relevant permissions to this role, and assign the non-admin user to the role.

  • @shohidulhaque759 2 years ago +3

    Great tutorial. The explanation is great.

    • @computeriseasy 2 years ago

      I am glad that it could help, and thanks for your feedback.

  • @joseluisfernandez5981 2 years ago +2

    That was a great explanation. Thanks bro!

    • @computeriseasy 2 years ago

      I am glad that I could help, and thanks for your feedback.

  • @bcreddy571 1 year ago +1

    Thanks for the detailed explanation. If we also want to migrate LDAP groups to Keycloak, what changes are needed at the configuration level? When I do the Keycloak LDAP migration, only users are imported into Keycloak under Users, but groups are not imported, even though groups are also configured in my LDAP. So if I want to import the groups, what configuration changes do I need to make? Please let us know the configuration steps for group migration.

    • @computeriseasy 1 year ago

      That is a good question. After doing the federation, you have to open the Mappers tab (under the federation itself). After that, you have to create a new mapper, and for that mapper you select "group-ldap-mapper", and there you do the configuration according to your LDAP structure.

    • @bcreddy571 1 year ago +1

      @computeriseasy I have tried the same steps, but the groups are not imported. I am getting this message: I have installed intSuccess! Data synced successfully. 0 imported groups, 0 updated groups, 0 removed groups
      Can you please help me with the Keycloak configuration details for group import?
      Please make a video on group migration in Keycloak if possible.

    • @computeriseasy 1 year ago

      @bcreddy571 Look at the log file of Keycloak; maybe you will find some info about that. Or try it with:
      Ignore Missing Groups: True
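
Added example (not from the thread and not Keycloak's own code): a simplified offline model of how a group mapper selects LDAP entries, showing why a sync can report 0 imported groups when the mapper's LDAP Groups DN or Group Object Classes do not match the directory. It assumes a subtree search and that every configured object class must be present; the LDIF and the function names `parse_ldif` and `match_groups` are constructed for illustration.

```python
# Added example: offline, simplified model of a group mapper's LDAP search.
# SAMPLE_LDIF is constructed sample data, not taken from the page.
SAMPLE_LDIF = """\
dn: cn=devs,ou=groups,dc=example,dc=org
objectClass: groupOfNames
cn: devs
member: uid=alice,ou=people,dc=example,dc=org

dn: cn=ops,ou=groups,dc=example,dc=org
objectClass: posixGroup
cn: ops
memberUid: bob
"""

def parse_ldif(text):
    """Parse simple LDIF (no folded or base64 lines) into attribute dicts."""
    entries = []
    for block in text.strip().split("\n\n"):
        entry = {}
        for line in block.splitlines():
            key, _, value = line.partition(":")
            entry.setdefault(key.strip().lower(), []).append(value.strip())
        entries.append(entry)
    return entries

def match_groups(entries, groups_dn, object_classes, name_attr):
    """Return (names that would match, {dn: reason the entry was skipped})."""
    matched, skipped = [], {}
    base = groups_dn.lower()
    wanted = {c.lower() for c in object_classes}
    for e in entries:
        dn = e["dn"][0]
        have = {c.lower() for c in e.get("objectclass", [])}
        if dn.lower() != base and not dn.lower().endswith("," + base):
            skipped[dn] = "outside LDAP Groups DN"
        elif not wanted <= have:
            skipped[dn] = "lacks object class " + ", ".join(sorted(wanted - have))
        elif name_attr.lower() not in e:
            skipped[dn] = "no " + name_attr + " attribute"
        else:
            matched.append(e[name_attr.lower()][0])
    return matched, skipped

if __name__ == "__main__":
    entries = parse_ldif(SAMPLE_LDIF)
    base = "ou=groups,dc=example,dc=org"
    for classes in (["groupOfNames"], ["posixGroup"], ["group"]):
        print(classes, match_groups(entries, base, classes, "cn"))
```

Exporting the real groups subtree to LDIF with a read-only bind account and running it through `match_groups` with the mapper's values shows which setting excludes each entry.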

  • @deepakremesh 3 years ago +2

    How can we change the Redirect URI to https in Identity Providers?

    • @computeriseasy 3 years ago +1

      It is a very good question! After adding an identity provider (like Microsoft) under Identity Providers in your desired realm, the redirect URI will be automatically created according to the base URL of your Keycloak server. If your Keycloak server runs under https, the redirect URI under the identity provider must also be under https, for example in my case:
      keycloak.xxxx:8443/auth/realms/my-realm/broker/microsoft/endpoint
      I hope I could help :)))

    • @deepakremesh 3 years ago +1

      @computeriseasy This helped me a lot, thank you very much.

    • @computeriseasy 3 years ago

      @deepakremesh I am glad that it could help :)))

  • @shojibflamon 2 years ago +1

    My configuration is OK, but each time I want to sync the users, I get
    "Success! Sync of users finished successfully. 0 imported users, 0 updated users, 587 users failed sync! See server log for more details"
    What's the reason?

    • @computeriseasy 2 years ago

      It can have different reasons. Maybe the user schema is not configured correctly (cn, uid and ...). Open the log file of your Keycloak server and check what exactly the reason is.

  • @zaryabbaloch5266 2 years ago +1

    Thanks a lot for the great tutorial.

    • @computeriseasy 2 years ago +1

      I am glad that it could help, and thanks for your feedback.

  • @murtaza9000 1 year ago +1

    Thanks, you were helpful.

    • @computeriseasy 1 year ago

      I am glad it could help, and thanks for your feedback.

  • @ametsoro5580 2 years ago +1

    That was a good video + 1 sub!