Hi all,
I successfully installed and set up Keycloak as the new SSO provider via univention-app.
I then quickly noticed that nested groups from the LDAP are not resolved.
group: all < group: all.ch < group: all.ch.basel < user: maxmuster
In the OIDC token you only see the group all.ch.basel:
'groups' => [
    '/Domain Users',
    '/all.ch.basel'
],
Is it possible to get Keycloak to resolve the nested groups correctly?
The memberOf in the user object can only list the direct groups, so it doesn’t help me either.
Greez
AlteSocke