linux_server_manuals:keycloak_openldap_integration
Differences
This shows you the differences between two versions of the page.
linux_server_manuals:keycloak_openldap_integration [2018/01/31 19:24] – [Setup Keycloak LDAP federation] ronney | linux_server_manuals:keycloak_openldap_integration [2018/05/12 16:28] (current) – ronney | ||
---|---|---|---|
Line 1: | Line 1: | ||
====== Setup openLDAP and integrate it with Keycloak ====== | ====== Setup openLDAP and integrate it with Keycloak ====== | ||
- | For that manual, we assume that you've already got a working Keycloak installation. Otherwise take a look at [[linux_server_manuals: | + | For that manual, we assume that you've already got a working Keycloak installation. Otherwise take a look at [[linux_server_manuals: |
The manual was written for Debian Stretch, but should also work with other distributions. | The manual was written for Debian Stretch, but should also work with other distributions. | ||
Line 23: | Line 23: | ||
</ | </ | ||
+ | If you changed the above setting, that slapd should not listen on all hosts, then you also need to tell slapd it should not start up before docker. Otherwise the dockerinterface is not ready to bind to it: | ||
+ | |||
+ | < | ||
+ | systemctl edit slapd.service | ||
+ | </ | ||
+ | |||
+ | In the editor that was opened enter: | ||
+ | < | ||
+ | [Unit] | ||
+ | After=docker.service | ||
+ | </ | ||
create file / | create file / | ||
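Review bot: `After=docker.service` in the added drop-in only orders the two units; it does not pull docker in, and slapd is still started once the docker start job has finished, even if that job failed. If slapd is bound to an address on the docker interface, add `Wants=docker.service` (or `Requires=docker.service` if slapd must not run without it) under the same `[Unit]` section. The introducing sentence would read more clearly as "If you changed the above setting so that slapd does not listen on all hosts, ...", with "dockerinterface" written as "docker interface".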
Line 98: | Line 109: | ||
changetype: modify | changetype: modify | ||
add: olcDbIndex | add: olcDbIndex | ||
- | olcDbIndex: memberOf eq | + | olcDbIndex: memberOf, mail eq |
</ | </ | ||
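Review bot: the new value `olcDbIndex: memberOf, mail eq` has a space after the comma. slapd expects the attribute list as one comma-separated token followed by the index types, so as written `mail` lands where the index type is expected and the entry is likely to be rejected by ldapadd. Write `olcDbIndex: memberOf,mail eq`, or add a second `olcDbIndex: mail eq` line instead.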
Line 105: | Line 116: | ||
ldapadd -Q -Y EXTERNAL -H ldapi:/// -f index.ldif | ldapadd -Q -Y EXTERNAL -H ldapi:/// -f index.ldif | ||
</ | </ | ||
+ | |||
+ | create file database.ldif to increase the maxsize of 1GB of the database.I once run out of space after only adding a few 100 users... | ||
+ | < | ||
+ | dn: olcDatabase={1}mdb, | ||
+ | changetype: modify | ||
+ | replace: OlcDbMaxSize | ||
+ | OlcDbMaxSize: | ||
+ | </ | ||
+ | |||
+ | Execute: | ||
+ | < | ||
+ | ldapmodify -Q -Y EXTERNAL -H ldapi:/// -f database.ldif | ||
+ | </ | ||
+ | |||
===== Setup Keycloak LDAP federation ===== | ===== Setup Keycloak LDAP federation ===== | ||
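Review bot: the attribute is written `OlcDbMaxSize` in database.ldif while the index LDIF above uses `olcDbIndex`. Attribute names are case-insensitive, so the modify applies, but `olcDbMaxSize` keeps the manual consistent and matches what readers will see in cn=config. The introducing sentence should state the new size being set and that the value is in bytes, since "increase the maxsize of 1GB" only names the old limit. It also needs a space after "database." and "I once ran out of space" for the tense.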
Line 146: | Line 171: | ||
|**LDAP Full Name Attribute** | cn | | |**LDAP Full Name Attribute** | cn | | ||
+ | Now newly created and changes to users should be synced to the ldap directory. |
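Review bot: the added closing sentence is not parallel ("newly created and changes to users") and gives no way to confirm the result. Suggest "Newly created users and changes to existing users should now be synced to the LDAP directory", followed by a short verification step, for example creating a test user in Keycloak and looking it up in the directory with ldapsearch.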
linux_server_manuals/keycloak_openldap_integration.1517426677.txt.gz · Last modified: 2018/01/31 19:24 by ronney