Testsetup:
- Containerized Keycloak 15.0.2 , ran for two years , with Ldap-Federation (Edit Mode: Unsynched) uses Infinispan, two Replicas.
- Installed Keycloak 15.0.2 locally, same Ldap-Federation-Config, Imported all Users.
Checked for disabled Users in the Active-Directory. Found 6.
Checked if they are really disabled in both Keycloaks UIs → Positive. Lets go:
- Enabled the six Users.
- Waited a little bit
- Triggered the Changed-User-Sync
- Message on Top: 6 Updated Users
- Locally Keycloak got every User enabled → Looks good.
- Containerized Keycloak got 1 in 6 right → Why?
This is the question. And we don’t have clue right now, why it behaves, how it behaves, except of vague ideas like cache etc.