'Is it possible to sync roles and permissions from LDAP to Keycloak?

I'm have been setting up Keycloak in an test environment as an IdP, with a user federation to Microsoft Active directory LDAP.

I've been able to sync the roles with ldap-mapper and I can see the roles under Clients - 'Assigned Roles'.

My question is if this means the clients/application that we add will give the right person the right permission when they log in?

For example, if some of the users has admin permissions in AD and others not, in AD, will that permissions follow?

Thanks.

active-directorykeycloakopenid-connectsaml-2.0


Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source

Related Questions

List users from specific groups

.NET Core 6 Windows auth and Active Directory group based permissions

Reading the SECURITY_ENABLED flag of Group in Active Directory

How can I pull Mail Contact groups for each contact with powershell?

Tomcat Manager - Active Directory Authentication

Java: Connect to Active Directory via serverless binding?

What is a more modern .NET library to use with Active Directory than System.DirectoryServices.AccountManagement?

Search Outlook Global Address List Asynchronously

Unable to retrieve cross domain users with get-adgroupmember -recursive

How to Bind asynchronously with LdapConnection

When generating a unique username in Active Directory, numbers do not increment correctly

Powershell Creating Password Expiration Report

Show "Microsoft Active Directory" information table in WordPress

Do we need Active Directory Domain Controller to run any PowerShell commands?

How do I solve error with Active Directory Search using user name