[keycloak-user] WILL_NOT_PERFORM update of password in Active Directory

[Adrian Matei]

hi,

has anybody got the following type of error when trying to add/passwords
using AD as user federation:

Caused by: javax.naming.OperationNotSupportedException: [LDAP: error code
53 - 0000052D: SvcErr: DSID-031A12D2, problem 5003 *(WILL_NOT_PERFORM)*,
data 0
]; remaining name
'CN=ama,OU=Keycloakmanaged,OU=Test,DC=extnett,DC=xxx,DC=yy'
at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3160)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3033)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2840)
at com.sun.jndi.ldap.LdapCtx.c_modifyAttributes(LdapCtx.java:1478)
at
com.sun.jndi.toolkit.ctx.ComponentDirContext.p_modifyAttributes(ComponentDirContext.java:273)
at
com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.modifyAttributes(PartialCompositeDirContext.java:190)
at
com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.modifyAttributes(PartialCompositeDirContext.java:179)
at
javax.naming.directory.InitialDirContext.modifyAttributes(InitialDirContext.java:167)
at
javax.naming.directory.InitialDirContext.modifyAttributes(InitialDirContext.java:167)
at
org.keycloak.federation.ldap.idm.store.ldap.LDAPOperationManager$6.execute(LDAPOperationManager.java:386)
at
org.keycloak.federation.ldap.idm.store.ldap.LDAPOperationManager$6.execute(LDAPOperationManager.java:383)
at
org.keycloak.federation.ldap.idm.store.ldap.LDAPOperationManager.execute(LDAPOperationManager.java:519)
at
org.keycloak.federation.ldap.idm.store.ldap.LDAPOperationManager.modifyAttributes(LDAPOperationManager.java:383)
... 64 more



I get the same error when I try to "manually" add the *unicodePwd *via the
ApacheDirectoryStudio for example...
The connection is over SSL and both parties trust each other...

Thanks,
Adrian
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20151202/761b361d/attachment.html