dsschult
commented
3 years ago Turns out we don't need to create users in LDAP first after all. The (better) alternative is to only use the basic user classes (inetOrgPerson, organizationalPerson) when setting up the LDAP sync in Keycloak. Then adding things like posixAccount later if requested.
So we'll still need a library in which to modify LDAP profiles, but won't need this in the initial user creation.
Register a new user in ldap first, to get around keycloak - ldap issues.
Will close #5 when complete.