Configure an Active Directory as a User Federation in Keycloak
You can connect an Active Directory to Keycloak through LDAP (Lightweight Directory Access Protocol) as a User Federation.
You will need an Active Directory to connect to. If needed, follow up with your IT department to create one.
You will first need to configure the default standalone realm with the new LDAP provider that you will create.
To configure the standalone realm:
- Log in to Keycloak using the following URL: https://[LEM IP address]/auth/admin. See Access Keycloak to learn more.
- In the top-left corner, open the drop-down list for the master realm and select standalone.
- In the left-navigation menu, select User Federation and click Add Ldap providers. The Add LDAP provider page displays.
- In the General options section, enter a display name for the provider and select Active Directory as the vendor. After selecting the vendor, the following fields are auto-filled: Username LDAP attribute, RDN LDAP attribute, UUID LDAP attribute, and User Object classes.
- In the Connection and authentication settings section, you will need to configure the external AD LDAP server. Enter the following URL: ldap://[AD server IP address]. Configure the other connection parameters as required. Then, click Test connection to confirm the LDAP connection is successful.
- Configure the following settings and click Test authentication to confirm they are correct.
  - Bind type: Select the type of authentication method used during the LDAP bind operation: none (anonymous LDAP authentication) or simple (bind credential + bind password authentication).
  - Bind DN: Enter the DN of the LDAP admin.
  - Bind credentials: Enter the password of the LDAP admin.
- In the LDAP searching and updating section, configure the User LDAP filter field with appropriate LDAP filters. This allows you to restrict which users are imported and enhances security and performance.
- Configure the remaining settings as needed and then click Save.
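The User LDAP filter step above is where the set of Active Directory accounts allowed to authenticate through Keycloak is narrowed. The following is an added example, not part of the original page or of Keycloak itself: it composes a filter that restricts users to members of one AD group and excludes disabled accounts, escaping assertion values per RFC 4515 so that a value containing filter metacharacters cannot change the filter's structure, and it checks the result is the single parenthesised expression Keycloak expects. The group DN is a constructed placeholder; the matching-rule OID and the userAccountControl flag are standard Active Directory values.

```python
from typing import Optional

# RFC 4515 section 3: characters that must be hex-escaped inside an assertion value.
_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}

# Active Directory's LDAP_MATCHING_RULE_BIT_AND extensible-match rule, used to test
# individual bits of flag attributes such as userAccountControl.
LDAP_MATCHING_RULE_BIT_AND = "1.2.840.113556.1.4.803"
UAC_ACCOUNTDISABLE = 2  # ACCOUNTDISABLE bit of userAccountControl


def escape_filter_value(value: str) -> str:
    """Escape an assertion value so it cannot inject extra filter clauses."""
    return "".join(_ESCAPES.get(ch, ch) for ch in value)


def is_single_group(filter_str: str) -> bool:
    """True when the filter is one balanced '( ... )' group, as Keycloak requires."""
    if not filter_str.startswith("("):
        return False
    depth = 0
    for i, ch in enumerate(filter_str):
        if ch == "(":
            depth += 1
        elif ch == ")":
            depth -= 1
            if depth < 0:
                return False  # a ')' without a matching '('
            if depth == 0 and i != len(filter_str) - 1:
                return False  # outer group closed before the end of the string
    return depth == 0


def build_user_filter(group_dn: Optional[str] = None, exclude_disabled: bool = True) -> str:
    """Build a Keycloak 'User LDAP filter' value for Active Directory.

    Keycloak ANDs this filter with the object-class filter derived from the
    'User Object classes' setting, so objectClass is not repeated here.
    """
    clauses = []
    if group_dn:
        # memberOf is compared as a DN; escaping only touches filter metacharacters.
        clauses.append(f"(memberOf={escape_filter_value(group_dn)})")
    if exclude_disabled:
        # Bitwise test: drop any account whose ACCOUNTDISABLE bit is set.
        clauses.append(
            f"(!(userAccountControl:{LDAP_MATCHING_RULE_BIT_AND}:={UAC_ACCOUNTDISABLE}))"
        )
    if not clauses:
        raise ValueError("at least one restriction is required")
    result = clauses[0] if len(clauses) == 1 else "(&" + "".join(clauses) + ")"
    assert is_single_group(result), "filter must be a single parenthesised group"
    return result


if __name__ == "__main__":
    # Constructed placeholder DN; replace with a group from your own directory.
    print(build_user_filter("CN=App Users,OU=Groups,DC=example,DC=test"))
```

Paste the returned string into the User LDAP filter field. Because Keycloak only synchronises users that match the filter, the group membership check keeps accounts that are not meant to use this application out of the realm entirely, and the userAccountControl clause stops disabled accounts from being imported or matched during login.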
After creating the realm, you can test the connection to confirm the Active Directory is successfully set up.
To confirm the setup is successful:
- In the left-navigation menu, select Clients. Then, click the home URL for account-console. The Keycloak account management page opens in a new browser tab.
- Click Sign out and then click Sign in. The Keycloak sign-in page displays.
- Use the credentials of any user in your Active Directory to sign in. If the login is successful, the user is now authenticated using the Active Directory.
- Log in again to Keycloak, select Users, and confirm that the user you just logged in with is listed.