Reputation: 328
Disable Keycloak user from LDAP
I have synchronization between OpenLDAP and Keycloak via user federation, everything works fine(import from LDAP, authentication, etc). I need to have a possibility to disable Keycloak user from LDAP. I know that it is possible to disable a user from Keycloak, but is there a way to do the same from LDAP? Maybe add some attribute to LDAP record which will be mapped to Keycloak record and user will be disabled.
My goal is: disable authentication for a particular user using LDAP.
Upvotes: 1
Views: 2462
Answers (1)
Reputation: 1
I managed to make it work with fedora 389. I created an "enabled" attribute as String and created the corresponding mapper in the federation configuration as "user-attribute-ldap-mapper". Now when I change the "enabled" switch in keycloak the change is propagated to ldap
Upvotes: 0
Related Questions
- How to enable/disable user in Keycloak Admin Client
- Disable Multiple login at Keycloak
- How to disable LDAP password policy
- Keycloak gives "Username or password is wrong" error after pressed "unlink users" button
- KeyCloak User Credentials Encryption
- Keycloak - Issues syncing users with LDAP
- How to Deactivate a LDAP User?
- Keycloak says it imports users but they don't show up
- Disable linux user authentication except through ldap
- Map LDAP specific attribute to Keycloak roles