Nethserver with Keycloak as ldap user federation

Not yet, but it’s still on my todo list…

EDIT:

With the following mapper, groups are synced, but unfortunately not the group members…

I’ll give it another try in the next few days…

@mrmarkusz I was wondering what’s the point of using the LDAP connections and mappers, since Keycloak can be a database on its own,
and since the users created in Keycloak will not be reflected in the Nethserver user and account tabs.
Maybe the best thing is to leave that connection alone and focus on Keycloak integration with the services itself.

Do you think this is wise?
Also, I am wondering how free radius manages the users. @stephdl mentioned to me that he might believe that the free radius plugin will not utilise the NS users and accounts.

Thank you

Nethserver and all applications use LDAP/AD as user database so it would be nice to make the sync work and to just have one user database to maintain.
On the other hand, Nextcloud for instance allows login via LDAP and SAML and lets you choose at login.


Sorry, I never used/tested freeradius.

Thank you for your response,

I tried to activate SAML but without any success.
Furthermore, I have managed to get a proper user and group federation on Keycloak with your help. I get all of the groups linked; however, I cannot get the users to move too.
Lastly, I have tried to set up the quota attribute to have them in Nextcloud, with no success.
I have noticed that when you create a user on the NS user and account tab, you get more details and info about the user on PHPLDAPADMIN than when you create a user on KC and do the sync.

Additionally, when you link a user to a group on KC, it doesn't reflect on PHPLDAPADMIN nor on NS.

I am also trying to get the ldap link with HUMHUB and I have realised that I get the following error:

error

Could not automatically create LDAP user - check required attributes! (Array ( [cn] => TEST [dn] => uid=test,ou=People,dc=directory,dc=nh [mail] => email@example.com [objectclass] => Array ( [0] => inetOrgPerson [1] => organizationalPerson ) [sn] => TESTING [uid] => jc [userpassword] => supersecretpassword [id] => unused [username] => test [email] => email@example.com [lastname] => TESTING ) )

I can’t seem to figure it out, I have tried countless times.

I understand for RADIUS, I will look into it later.

Thank you

I have been browsing the internet and came across this.
A very interesting read.

My understanding of the whole thing: Keycloak allows for OpenID Connect, OAuth 2.0, and SAML,
while on the other hand, Nethserver works with LDAP/AD.
Overall, most service providers on the internet accept OAuth, OpenID or SAML to access their business systems.

The goal is to use Nethserver to add users for the various services that Nethserver works with, like Nextcloud and email, without breaking anything,
while also having Keycloak read the same data, for the ability to log in to external systems that do not offer LDAP as an option for login.

Coming to think of it, it's very interesting. Where are we on this? Is it doable? Is there an alternative in Nethserver that will provide OAuth or SAML for other systems?

@mrmarkuz, are there nice things? Anyone interested in this topic?

Adding this for someone else on the thread.

@Karim_Paul and @mrmarkuz

How did this project go on so far… any new updates on the matter?
Has anyone ironed out teething issues?