On 26.08.19 09:26, Jakub Hrozek via FreeIPA-users wrote:
[...]
Sorry, it's not totally clear to me if all the attributes were mapped to
mail by the KC installer or by your snippet?
The original config looked like it should after executing keycloak's
federation-sssd-setup.sh:
[domain section]
ldap_user_extra_attrs = mail:mail, sn:sn, givenname:givenname,
telephoneNumber:telephoneNumber
[ifp]
user_attributes = +mail, +telephoneNumber, +givenname, +sn
Does everything work if you remove the mappings?
Unfortunately not. Only "mail" is mapped for an AD user. The other three
attributes are not.
Cheers,
Ronald
_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org
