Menu
I am trying to integrate LDAP Active Directory with Keycloak. I have been able to synchronize LDAP users using Custom User LDAP Filter that filters by LDAP attributes - (theAttribute=theValue). Is there a way/syntax to filter by groups? For example, say I have Active Directory group "My Group" and I want to synchronize to Keycloak only users in that group. What would be the search Custom User LDAP Filter?
200
How about memberOf? For example:
(&(objectCategory=Person)(sAMAccountName=*)(theAttribute=theValue)(memberOf=cn=My Group,dc=example,dc=com))
Please refer to RFC2254 "The String Representation of LDAP Search Filters" more details:
174
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
