Page History
...
Users can always update their password (temporary or not) in the Account console for the Studio realm at http://<domain:port>/Keycloak/realms/<realm>/account
, or http://localhost:150/Keycloak/realms/BlueriqStudio15/account in a typical installation.
User Federation: NTLM/LDAP
It is possible to link Keycloak to an Active Directory using User Federation. This will allow users to sign in using their AD credentials. To set this up:
...
Select which credentials Keycloak will use to query the AD, for example as CN=Keycloak,CN=Services,DC=company,DC=com
.
Test authentication to ensure the configuration works.
User Federation: Kerberos
It is possible to link Keycloak to an Active Directory with the Kerberos protocol using User Federation. This will allow users to sign in using their AD credentials. To set this up:
Select User Federation from the navigation panel. From the Add provider drop-down, select kerberos
.
Enter the Kerberos Realm
Enter the principal for the serverÂ
Enter the location of the keytab file containing credentials of the given principal.
Set Allow Password Authentication to On:
Set Edit Mode to READ_ONLY