  1. Keycloak
  2. KEYCLOAK-15177

User required action (Change password) gets set for users imported from LDAP (read-only) - which makes them unable to log in

    Details

    • Docs QE Status: NEW
    • QE Status: NEW

      Description

      1. Realm --> Authentication --> Required Actions --> Enable 'Update Password'
      2. This works fine for local users created in Keycloak
      3. Create an LDAP user federation - READ_ONLY, set validate password policy to false
      4. Sync users
      5. Users are synced with 'Update Password' set in Required Action
      6. Log in with the user to an application
      7. Change password screen is shown
      8. Try to change the password - Error thrown as User Federation is not writable
      9. Try to have an admin remove this required action from the console - even that fails
      10. The user account is just not usable

      Expected Behavior:

      Do NOT set the 'update password' required action if the user federation is not writable

              People

              • Assignee: Unassigned
              • Reporter: dhanuj Dhanuj Dharmarajan
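An audit for the condition this report describes, added here as an example and not part of the original issue or of Keycloak's code: it flags users linked to a read-only LDAP federation provider that still carry the 'Update Password' required action. It assumes user and component records exported as JSON with the `federationLink`, `requiredActions`, `providerId` and `config.editMode` fields; all sample records are constructed.

```python
# Added example: offline audit over constructed, Keycloak-style JSON records.
UPDATE_PASSWORD = "UPDATE_PASSWORD"  # alias of the 'Update Password' required action


def read_only_ldap_ids(components):
    """Return ids of LDAP federation components whose editMode is READ_ONLY."""
    ids = set()
    for comp in components:
        if comp.get("providerId") != "ldap":
            continue
        # Component config values are lists of strings; tolerate a missing key.
        edit_mode = (comp.get("config", {}).get("editMode") or [""])[0]
        if edit_mode == "READ_ONLY":
            ids.add(comp["id"])
    return ids


def stuck_users(users, components):
    """Usernames that must update a password the federation cannot write."""
    read_only = read_only_ldap_ids(components)
    return sorted(
        u["username"]
        for u in users
        if u.get("federationLink") in read_only
        and UPDATE_PASSWORD in (u.get("requiredActions") or [])
    )


# Constructed sample data (assumed export shape, not taken from the issue).
SAMPLE_COMPONENTS = [
    {"id": "ldap-ro", "providerId": "ldap", "config": {"editMode": ["READ_ONLY"]}},
    {"id": "ldap-rw", "providerId": "ldap", "config": {"editMode": ["WRITABLE"]}},
]
SAMPLE_USERS = [
    {"username": "alice", "federationLink": "ldap-ro",
     "requiredActions": ["UPDATE_PASSWORD"]},
    {"username": "bob", "federationLink": "ldap-ro", "requiredActions": []},
    {"username": "carol", "federationLink": "ldap-rw",
     "requiredActions": ["UPDATE_PASSWORD"]},
    {"username": "dave", "requiredActions": ["UPDATE_PASSWORD"]},  # local user
    {"username": "erin", "federationLink": "ldap-ro",
     "requiredActions": ["VERIFY_EMAIL", "UPDATE_PASSWORD"]},
]

if __name__ == "__main__":
    for name in stuck_users(SAMPLE_USERS, SAMPLE_COMPONENTS):
        print("blocked by unwritable required action:", name)
```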