How to integrate OpenLDAP to Keycloak correctly?

Question

Installed OpenLDAP by helm

helm install openldap stable/openldap

Check data in the initialized server

kubectl port-forward $OPENLDAP_POD_NAME 3890:389
ldapsearch -x -H ldap://localhost:3890 -b dc=example,dc=org -D "cn=admin,dc=example,dc=org" -w $LDAP_ADMIN_PASSWORD

# extended LDIF
#
# LDAPv3
# base <dc=example,dc=org> with scope subtree
# filter: (objectclass=*)
# requesting: ALL
#

# example.org
dn: dc=example,dc=org
objectClass: top
objectClass: dcObject
objectClass: organization
o: Example Inc.
dc: example

# admin, example.org
dn: cn=admin,dc=example,dc=org
objectClass: simpleSecurityObject
objectClass: organizationalRole
cn: admin
description: LDAP administrator
userPassword:: [HIDDEN]

# search result
search: 2
result: 0 Success

# numResponses: 3
# numEntries: 2

Install keycloak

helm install keycloak codecentric/keycloak
kubectl port-forward $KEYCLOAK_POD_NAME 8080

Bind it to Keycloak in the User Federation -> Add user storage provider -> ldap as below.

Why can't connect to ldap server? I login to the ldap pod to see the log but didn't find where is it.

Answer 1

The "Connection URL" should most probably be ldap://openldap.default:389 (and if openldap was deployed in a different namespace, replace default with that).