Uploaded image for project: 'RH-SSO'
  1. RH-SSO
  2. RHSSO-2458

Use an original domain name of Kerberos Principal in UserModel attribute instead of configured value of Kerberos realm in User federation

XMLWordPrintable

    • False
    • None
    • False

      GH issue: https://github.com/keycloak/keycloak/issues/20045

      There are 2 Active Directory domains (EXAMPLE1.COM and EXAMPLE2.COM) which have mutual trust.
      Configuring User Federation of kerberos against one of them (EXAMPLE1.COM), RH-SSO/Keycloak can authenticate user1@EXAMPLE2.COM against the domains.
      However, the "KERBEROS_PRINCIPAL" attribute in UserModel is "user1@EXAMPLE1.COM". It should be "user1@EXAMPLE2.COM".

              Unassigned Unassigned
              rhn-support-hokuda Hisanobu Okuda
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

                Created:
                Updated:
                Resolved: