Hello everyone,
I have an LDAP and a Keycloak 26.4.4 instance configured together. I noticed the “Remove invalid users during searches” option under “Synchronization settings.”
As far as I understand, setting this to false prevents Keycloak from removing users when they are deleted from LDAP.
This seems to work: when I delete a user in LDAP, the corresponding user in Keycloak is just disabled.
However, when I recreate the same user in LDAP, the user is not automatically re-enabled in Keycloak.
Does anyone know what might cause this behavior? Could it be related to other LDAP settings in Keycloak, or perhaps to the Edit Mode configuration for the LDAP provider?
Thanks in advance for any help!