Sync Keycloak into OpenLDAP


After days of trying, I'm stuck.

To get our users into the captive portal of pfSense, I have to sync all users from an existing Keycloak into a new OpenLDAP server.

One-way sync OpenLDAP → Keycloak works, but not in the other direction…
Has someone done that before and could help?

Thanks a lot!

Now I'm trusted, maybe someone could help?

Not sure that is possible. You might be able to make a custom script that does this particular job. Keycloak has a REST API for admin functions, and I suppose OpenLDAP will have something similar. Biggest problem will be the passwords, because they are stored in a hashed format. Copying those may be figure-outable if OpenLDAP supports the same hash algorithm you are currently using in Keycloak…

Otherwise all of your users need to reset their password.
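
The custom-script route suggested in the reply above, as an added example (not code from either poster): it converts user records shaped like the Keycloak Admin REST API's user list into LDIF that `ldapadd` can load into OpenLDAP. The base DN, the sample users and the function names are assumptions; no `userPassword` is written, so users imported this way still need a password reset, and disabled accounts are skipped.

```python
import base64
import json

BASE_DN = "ou=people,dc=example,dc=org"  # assumption: placeholder base DN

# Constructed sample, shaped like the output of Keycloak's Admin REST API
# GET /admin/realms/{realm}/users. That output carries no password hashes.
SAMPLE_USERS = json.loads("""[
 {"username": "alice", "firstName": "Alice", "lastName": "Müller",
  "email": "alice@example.org", "enabled": true},
 {"username": "smith,j", "lastName": "Smith", "enabled": true},
 {"username": "carol", "lastName": "Jones", "enabled": false}
]""")

def escape_rdn(value):
    """Escape a value for use inside a DN (RFC 4514)."""
    out = "".join("\\" + c if c in '",+;<>\\' else c for c in value)
    if value[:1] in ("#", " "):              # leading '#' or space
        out = "\\" + out
    if value.endswith(" ") and len(value) > 1:   # trailing space
        out = out[:-1] + "\\ "
    return out

def ldif_line(attr, value):
    """Emit 'attr: value', or base64 'attr:: ...' when RFC 2849 requires it."""
    safe = (value.isascii() and not any(c in value for c in "\x00\r\n")
            and value[:1] not in (" ", ":", "<") and not value.endswith(" "))
    if safe:
        return f"{attr}: {value}"
    return f"{attr}:: {base64.b64encode(value.encode('utf-8')).decode('ascii')}"

def user_to_ldif(user, base_dn=BASE_DN):
    """Build one inetOrgPerson entry; userPassword is deliberately absent."""
    uid = user["username"]
    sn = user.get("lastName") or uid          # sn and cn are mandatory
    cn = " ".join(p for p in (user.get("firstName"), sn) if p)
    lines = [ldif_line("dn", f"uid={escape_rdn(uid)},{base_dn}"),
             "objectClass: inetOrgPerson",
             ldif_line("uid", uid), ldif_line("cn", cn), ldif_line("sn", sn)]
    for attr, key in (("givenName", "firstName"), ("mail", "email")):
        if user.get(key):
            lines.append(ldif_line(attr, user[key]))
    return "\n".join(lines) + "\n"

def users_to_ldif(users, base_dn=BASE_DN):
    """Skip disabled accounts so they never reach the portal directory."""
    return "\n".join(user_to_ldif(u, base_dn) for u in users if u.get("enabled"))

if __name__ == "__main__":
    print(users_to_ldif(SAMPLE_USERS))
```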