Keycloak with LDAP or AD providing SSO for an App Publishing Application

My client wants to implement a solution whereby:

  1. Thin clients log on to LDAP or AD once, and upon boot, a specific corporate application is launched and login is based on the earlier LDAP/AD credentials.

  2. The current corporate application currently supports SSO with Microsoft AD using Kerberos and SAML2 (only for Windows clients)

We are trying to ascertain whether, with Keycloak, we can achieve the same SSO for Linux and Windows clients, whereby users log on once (only), be it AD or OpenLDAP, and the corporate application can be auto-launched and authenticated.

Hi @richardwoon, were you able to figure out a solution for this case? We are also looking for something similar to be implemented and were hoping you have any thoughts on this!