Ldap Provider Issue on secondary Realm

[DexterMalone]

Hi,

thanks for the great module.

While setting up new Instances with newest module on Ubuntu 22.04 we noticed probably a bug or missing config Option for the ldap providers.
Maybe we have not seen the correct parameter, but it seems we cannot set the parent_id for the keycloak_ldap_user_provider, only realm.
What happens is that puppet says its all fine and actually creates the ldap connections without issue, but in the DB we can see the LDAPs being linked to master realm on parent_Id and to the realm that specified as parameter.
Sadly they dont show up on the gui at all, neither in master nor secondary realm.

Is there a way to specify the parent_id for the keycloak_ldap_user_provider or is that a missing parameter?

Kind regards,
Mathias

[treydock]

Could you provide the Puppet or YAML code you're using to define the LDAP user provider? Can redact any sensitive information.

[aba-zwicker]

Hi @treydock
We have the same issue with multiple realms.

I think the problem is located here:

puppet-module-keycloak/lib/puppet/provider/keycloak_ldap_user_provider/kcadm.rb

Line 62 in 078b5cc

output = kcadm('get', 'realms', realm, nil, ['id'])

This line returns all (!) realms instead of just the one requested with -r:

# kcadm.sh get realms -r master --fields id
[ {
  "id" : "test1"
}, {
  "id" : "master"
}, {
  "id" : "test2"
}, {
  "id" : "test3"
} ]

And at this line always the last realm in the array returned is set as parent_id:

puppet-module-keycloak/lib/puppet/provider/keycloak_ldap_user_provider/kcadm.rb

Line 71 in 078b5cc

parent_id = d['id']

To get the id of the realm the following could be used instead:

# kcadm.sh get realms/master --fields id
{
  "id" : "master"
}

Thanks!
Kind regards