Uploaded image for project: 'Keycloak'
  1. Keycloak
  2. KEYCLOAK-13697

Updating attributes on a federated user makes user invalid and removed

    Details

    • Steps to Reproduce:
      Hide

      Set up and LDAP Federation against AD.
      Edit an attribute on a user.

      Show
      Set up and LDAP Federation against AD. Edit an attribute on a user.
    • Docs QE Status:
      NEW
    • QE Status:
      NEW

      Description

      I have federated users from an Active Directory with Edit Mode UNSYNCED.
      If I go into attributes and add or change and attribute the user is removed from Keyklock and resynced from AD.

      Expected behaviour is that the attribute is saved on the user.

      I get this in the debug log after saving.

      keycloak_keycloak.1.wdmrksq8elh8@intg-swarm5 | 07:27:19,418 DEBUG [org.keycloak.storage.UserStorageManager] (default task-3) Removed invalid user 'erik.tornstam@ip-only.se'

        Gliffy Diagrams

          Attachments

            Activity

              People

              • Assignee:
                Unassigned
                Reporter:
                erik.tornstam Erik Tornstam
              • Votes:
                0 Vote for this issue
                Watchers:
                4 Start watching this issue

                Dates

                • Created:
                  Updated: