
List:       keycloak-user
Subject:    [keycloak-user] AD sAMAccountName Protocol Mapper
From:       mposolda () redhat ! com (Marek Posolda)
Date:       2018-01-29 16:31:51
Message-ID: b62acf71-3e99-d244-4cd4-fe6ce663338d () redhat ! com

If I understand your use case, you need 2 things:

1) Configure LDAP User Attribute mapper and map LDAP Attribute 
'sAMAccountName' to any attribute of user. After doing this, you should 
be able to see the sAMAccountName-mapped attribute in the tab 
"Attributes" of particular user in Keycloak admin console.

2) Create protocolMapper for your client application and map the 
attribute from (1) to the claim of the token with User Attribute 
protocol mapper. Then in your application, you should see the 
corresponding claim in the access token.

Marek

On 29/01/18 14:43, trmadhu at tafe.com wrote:
> Dear All
> 
> We have configured the AD Authentication in Keycloak using the User Federation.
> Currently we have configured the Username LDAP Attribute as "cn", but in one of the
> applications, we need to send the sAMAccountName as the login parameter.
> So kindly support in configuring the sAMAccountName as a Protocol Mapper.
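The two steps from the reply above, written out as Keycloak Admin REST API request bodies, with a check that the claim reaches the token. This is an added example, not part of the original message and not Keycloak's own code; the user attribute name, the claim name sam_account_name and the sample token are assumptions constructed for illustration.

```python
import base64
import json

USER_ATTR = "sAMAccountName"  # assumption: Keycloak user attribute chosen in step 1
CLAIM = "sam_account_name"    # assumption: token claim name chosen in step 2

def ldap_attribute_mapper(ldap_provider_id):
    """Step 1: body for POST /admin/realms/{realm}/components."""
    return {
        "name": "sAMAccountName",
        "providerId": "user-attribute-ldap-mapper",
        "providerType": "org.keycloak.storage.ldap.mappers.LDAPStorageMapper",
        "parentId": ldap_provider_id,  # id of the AD user federation provider
        "config": {
            "ldap.attribute": ["sAMAccountName"],
            "user.model.attribute": [USER_ATTR],
            "read.only": ["true"],  # AD stays the source of truth
            "always.read.value.from.ldap": ["false"],
            "is.mandatory.in.ldap": ["false"],
        },
    }

def client_protocol_mapper():
    """Step 2: body for POST /admin/realms/{realm}/clients/{id}/protocol-mappers/models."""
    return {
        "name": "sAMAccountName",
        "protocol": "openid-connect",
        "protocolMapper": "oidc-usermodel-attribute-mapper",
        "config": {
            "user.attribute": USER_ATTR,  # must match user.model.attribute above
            "claim.name": CLAIM,
            "jsonType.label": "String",
            "access.token.claim": "true",
        },
    }

def mapped_claim(access_token):
    """Return the mapped claim from a JWT payload, or None if it is absent."""
    # Inspection only: no signature check here, so use this to debug the
    # mapper setup, not to make authorization decisions in the application.
    payload = access_token.split(".")[1]
    payload += "=" * (-len(payload) % 4)  # restore base64url padding
    return json.loads(base64.urlsafe_b64decode(payload)).get(CLAIM)

def constructed_token(claims):
    """Build an unsigned sample token (constructed test data, not Keycloak output)."""
    enc = lambda o: base64.urlsafe_b64encode(json.dumps(o).encode()).rstrip(b"=").decode()
    return f"{enc({'alg': 'none'})}.{enc(claims)}."
```

A None result from mapped_claim on a real token usually means the attribute name in the protocol mapper does not match the one set by the LDAP mapper, or the user has not been re-synced from AD since the mapper was added.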

