Keycloak - Users in Role missing after sync with LDAP

2
votes

I configured LDAP as User Federation (with role-ldap-mapper) and successfully imported users with their roles to Keycloak. When I go to Users->{user}->Role Mappings I see every roles that are signed to a user (imported from LDAP), but when I go to Roles->{role}->Users In Role I see nothing.

Is it a bug or a feature? Or maybe I configure something wrong?

Users roles

Empty Users in Roles

LDPA Role mapper configuration

2
keycloak

2 Answers

0
votes

I faced the same issue. I changed the Mode (inside LDAP role mapper) to Import instead of READ_ONLY and I was able to see users under a role.

-1
votes

Please create mapper of type msad-lds-user-account-control-mapper.

It works for me.