QuickStart Guide

Configure an Active Directory as a User Federation in Keycloak

You can connect an Active Directory to Keycloak through LDAP (Lightweight Directory Access Protocol) as a user federation.

Before You Begin

You will need an Active Directory to connect to. If needed, follow up with your IT department to create one.

Step 1: Configure Standalone Realm

You will first need to configure the default Standalone realm with the new LDAP provider that you will create.

To configure the Standalone realm:

1. Log in to Keycloak using the following URL: https://[LEM IP address]/auth/admin (see Access to Litmus Edge Manager to learn more).
2. In the top left corner, open the drop-down list for the Master realm and select Standalone.
3. In the left navigation menu, select User Federation and click Add LDAP providers. The Add LDAP provider page displays.
4. In the General options section, enter a display name for the provider and select Active Directory as the vendor. After selecting the vendor, the following fields are auto-filled:
   - Username LDAP attribute
   - RDN LDAP attribute
   - UUID LDAP attribute
   - User object classes
5. In the Connection and authentication settings section, you will need to configure the external AD LDAP server. Enter the following URL: ldap://[AD server IP address]
6. Configure the other connection parameters as required. Then, click Test connection to confirm the LDAP connection is successful.
7. Configure the following settings and click Test authentication to confirm they are correct:
   - Bind type: Select the type of the authentication method used during the LDAP bind operation: none (anonymous LDAP authentication) or simple (bind credential + bind password authentication).
   - Bind DN: Enter the DN of the LDAP admin.
   - Bind credentials: Enter the password of the LDAP admin.
8. In the LDAP searching and updating section, configure the User LDAP filter field with appropriate LDAP filters. This allows you to restrict users and enhance security and performance.
9. Configure the remaining settings as needed and then click Save.

Step 2: Confirm Successful Setup

After creating the realm, you can test the connection to confirm the Active Directory is successfully set up.

To confirm the setup is successful:

1. In the left navigation menu, select Clients. Then, click the Home URL for account console. The Keycloak Account Management page opens in a new browser tab.
2. Click Sign out and then click Sign in. The Keycloak sign in page displays.
3. Use the credentials of any user in your Active Directory to sign in. If the login is successful, the user is now authenticated using an Active Directory.
4. Log in again to Keycloak, select Users, and confirm that the user you just logged in with is listed.
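
One way to produce a value for the User LDAP filter field described in Step 1, restricting federation to enabled accounts in a single Active Directory group. This is an added example, not part of the original guide or the product's own code. The group DN is a constructed placeholder, and the function names are hypothetical.

```python
"""Build a value for Keycloak's User LDAP filter field (Active Directory)."""

# RFC 4515: characters that must be escaped inside a filter assertion value.
_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}

# Active Directory matching-rule OIDs and the disabled-account flag.
BIT_AND = "1.2.840.113556.1.4.803"    # LDAP_MATCHING_RULE_BIT_AND
IN_CHAIN = "1.2.840.113556.1.4.1941"  # LDAP_MATCHING_RULE_IN_CHAIN (nested groups)
ACCOUNTDISABLE = 2                    # userAccountControl bit for disabled accounts


def escape_value(value: str) -> str:
    """Escape a string so it is treated as data, not as filter syntax."""
    return "".join(_ESCAPES.get(ch, ch) for ch in value)


def build_user_filter(group_dn: str, nested: bool = True) -> str:
    """Return a filter matching enabled person accounts that belong to group_dn."""
    member_of = f"memberOf:{IN_CHAIN}:" if nested else "memberOf"
    clauses = [
        "(objectCategory=person)",
        f"({member_of}={escape_value(group_dn)})",
        f"(!(userAccountControl:{BIT_AND}:={ACCOUNTDISABLE}))",
    ]
    return "(&" + "".join(clauses) + ")"


def is_well_formed(flt: str) -> bool:
    """Check the filter is one parenthesised expression with balanced parentheses."""
    # Keycloak asks that the filter start with '(' and end with ')'.
    if not (flt.startswith("(") and flt.endswith(")")):
        return False
    depth = 0
    for i, ch in enumerate(flt):
        depth += (ch == "(") - (ch == ")")
        if depth < 0 or (depth == 0 and i < len(flt) - 1):
            return False
    return depth == 0


if __name__ == "__main__":
    # Constructed group DN; the parentheses in the CN show why escaping matters.
    dn = "CN=Edge Operators (Plant 1),OU=Groups,DC=example,DC=com"
    flt = build_user_filter(dn)
    print(flt, is_well_formed(flt))
```

Paste the printed filter into the User LDAP filter field, then repeat Step 2 with one account inside the group and one outside it to confirm that only the first can sign in.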