I have federated users from an Active Directory with Edit Mode UNSYNCED.
If I go into attributes and add or change and attribute the user is removed from Keyklock and resynced from AD.
Expected behaviour is that the attribute is saved on the user.
I get this in the debug log after saving.
keycloak_keycloak.1.wdmrksq8elh8@intg-swarm5 | 07:27:19,418 DEBUG [org.keycloak.storage.UserStorageManager] (default task-3) Removed invalid user 'firstname.lastname@example.org'