[GH-ISSUE #1054] [BUG] Keycloak example_config no longer valid as of LLDAP 0.6.0+ due to changed user and group schemas #377

Closed
opened 2026-02-27 08:16:57 +03:00 by kerem · 2 comments

Originally created by @YUNoMakeGoodMap on GitHub (Dec 4, 2024).
Original GitHub issue: https://github.com/lldap/lldap/issues/1054

Due to changes in 0.6.0, the settings shown in Example Configs: Keycloak are no longer correct.

The user attributes that need changing, or sync fails:

  • Username LDAP attribute: uid -> user_id
  • UUID LDAP attribute: uid -> uuid

Groups sync just fine, but group members are never populated. This used to work in 0.5.0 and previous.

I have included my group mapper settings, to show that the defaults provided by the example config do not work.
I tried to resolve this myself using every combination of settings I could think of, and it syncs groups but not group memberships.

kerem closed this issue and added the bug label on 2026-02-27 08:16:57 +03:00.

@nitnelave commented on GitHub (Dec 4, 2024):

Can you post the LLDAP logs of:

  • starting LLDAP in verbose mode
  • trying to do a sync with keycloak?

That should help identify the queries made and why it's not syncing.

Bonus points if you can also do that with 0.5 to see the diff, but I don't think it's necessary.


@YUNoMakeGoodMap commented on GitHub (Feb 11, 2025):

I believe that I resolved this by deleting the LDAP connection in Keycloak and recreating it.
May have been a fluke, some setting got stuck, kludged state, etc etc.
Not sure, but it has been resolved for quite a while.
