Active Directory User Federation not mapping objectSid as expected


I am using Keycloak User Federation to import users from Active Directory Server 2008.
I have created an user-attribute-ldap-mapper to map the user’s objectSid as a binary attribute.
Other binary attributes map as expected such as objectGUID (16 bytes).
But objectSid (24 bytes) does not look like a Security Indentifier that I expect to see, such as “S-1-5-21-992878714-4041223874-2616370337-1001”.
Instead it looks something like this…: “AQUAAAAAAAUVAAAAizkQjca2XXmiFM9F3gUAAA==”

1 Like

It looks like you haven’t received any answer. Do you solve it by yourself?

I am facing the same issue, has anyone solved it?