Delete Roles on Keycloak when deleted from FreeIPA


I have done FreeIPA federation with Keycloak, and additionally I have put LDAP Mappers for Roles.
But it doesn’t work: if I delete Roles on FreeIPA, they are not deleted on the Keycloak side. The same happens in the other direction: if I delete Roles on Keycloak, the deletion does not transfer to FreeIPA.

In the context of the same LDAP mapper, when a new role is added, in Client Roles it appears under Available Roles and does not go to Assigned Roles. It should be manually added to Assigned Roles. Can it be changed to go to Assigned Roles?

Keycloak Server Version - 16.1.1

LDAP mapper details:
Mapper Type - role-ldap-mapper
LDAP Roles DN - cn=roles,cn=accounts,dc=###,dc=###
Role Name LDAP Attribute - cn
Role Object Classes - groupOfNames
Membership LDAP Attribute - member
Membership Attribute Type - DN
Membership User LDAP Attribute - uid
User Roles Retrieve Strategy - LOAD_ROLES_BY_MEMBER_ATTRIBUTE
Member-Of LDAP Attribute - memberOf

Image in attachment

Best regards,
Goce Joncheski