Page History
...
Users can always update their password (temporary or not) in the Account console for the Studio realm at http://<domain:port>/Keycloak/realms/<realm>/account
, or http://localhost:150/Keycloak/realms/BlueriqStudio15/account in a typical installation.
User Federation: NTLM
It is possible to link Keycloak to an Active Directory using User Federation. This will allow users to sign in using their AD credentials. To set this up:
Select User Federation from the navigation panel. From the Add provider drop-down, select ldap
.
As Edit Mode, choose READ_ONLY
Note |
---|
You may need to consult your administrator in order to fill in the following fields. |
Select which vendor is used, this will prefill the following fields with the correct defaults:
Review the defaults generated for the next 4 fields, if these appear to be correct, enter the connection url, including the ldap://
prefix. The following command line command may assist in determining the correct url: nslookup -type=all _ldap._tcp
.
Select where in the LDAP tree Keycloak can find the Studio users that should be able to log in, for example CN=MyStudioUsers,DC=company,DC=com
.
Select which credentials Keycloak will use to query the AD, for example as CN=Keycloak,CN=Services,DC=company,DC=com
.