Hello! I have a simple setup running keycloak 9.0.0 setup with LDAP user federation to my FreeIPA instance (4.8). Runs smooth so far, but everytime a user changes his password in keycloak it is marked expired in FreeIPA and gets prompted to change it once trying to login in FreeIPA.
The very same issue popped up in this mail thread: https://www.redhat.com/archives/freeipa-users/2017-January/msg00393.html The answer does not seem to be valid for freeipa 4.8 though, as the described DN doesn't even exist anymore. Searching through the RedHat docs i can see several configuration guides for windows AD password sync but not a mention how to fix it for keycloak.... Any hint what I could try here? Best regards, Jonatan _______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected]
