| | 144 | |
| | 145 | * Now you should be able to access the server through your browser by accessing: https://idp.instXY.ac.lk:8443/auth/admin |
| | 146 | |
| | 147 | * Log in to the master admin console. This will provide full privileged access to the system. |
| | 148 | |
| | 149 | * Create your own realm (domain) |
| | 150 | * From the Master drop-down menu, click Add Realm. |
| | 151 | * Put '''instXY''' as the Name and `Add` |
| | 152 | |
| | 153 | From here onwards, make sure you select instXY from the master menu when doing changes. |
| | 154 | |
| | 155 | * Connect your ldap instance: |
| | 156 | |
| | 157 | * Map User Attributes |
| | 158 | |
| | 159 | You have to map user attributes that are essential in password resetting. When a user clicks forgot password link it will send a reset link to a working email. Keep in mind that the attribute `mail` should be the key attribute for mapping the ldap user for various outside services. Therefore it should be something in the format `user@instXY.ac.lk` and it should not be allowed to be changed by the users. Because of this, we will use ldap attribute `email` to fill in the alternate email of the user which is used to send the reset requests. |
| | 160 | |
| | 161 | * Map Group Attributes |
| | 162 | |
| | 163 | |
| | 164 | |
| | 165 | |
| | 166 | |
| | 167 | |
| | 168 | |
| | 169 | > For further customization you may consult keycloak official guides from https://www.keycloak.org/documentation.html |
