[keycloak-user] How to configure new params and edit them with Keycloak and LDAP integration
Celso Agra
celso.agra at gmail.com
Tue Mar 14 13:50:09 EDT 2017
Hi all,
I saw an example about LDAP and Keycloak integration here
<https://github.com/keycloak/keycloak/tree/master/examples/ldap>.
So, it is running with ApacheDS LDAP server. I was thinking, would be
possible run this integration with *slapd* tool? Also, I'm using schema
instead of ldif structure. It could be a problem?
Thanks!
2017-03-10 10:40 GMT-03:00 Celso Agra <celso.agra at gmail.com>:
> I'm using slapd.
>
> Here is the object classes that I'm using: top, inetOrgPerson, person,
> organizationalPerson, phpgwAccount, shadowAccount
>
>
> 2017-03-10 7:41 GMT-03:00 Marek Posolda <mposolda at redhat.com>:
>
>> This looks like bad LDAP mapping for username and UUID. Which LDAP are
>> you using btv?
>>
>> Marek
>>
>>
>> On 09/03/17 16:03, Celso Agra wrote:
>>
>> Hi,
>>
>> I solved this error, just removing the MSAD account controls, but now I'm
>> getting a new error, when I finished my registration:
>> here is the log:
>>
>> 2017-03-09 11:58:00,375 ERROR [io.undertow.request] (default task-1)
>>> UT005023: Exception handling request to /auth/realms/myrealm/login-actions/required-action:
>>> org.jboss.resteasy.spi.UnhandledException:
>>> java.lang.NullPointerException
>>> at org.jboss.resteasy.core.ExceptionHandler.handleApplicationEx
>>> ception(ExceptionHandler.java:76)
>>> at org.jboss.resteasy.core.ExceptionHandler.handleException(Exc
>>> eptionHandler.java:212)
>>> at org.jboss.resteasy.core.SynchronousDispatcher.writeException
>>> (SynchronousDispatcher.java:168)
>>> at org.jboss.resteasy.core.SynchronousDispatcher.invoke(Synchro
>>> nousDispatcher.java:411)
>>> at org.jboss.resteasy.core.SynchronousDispatcher.invoke(Synchro
>>> nousDispatcher.java:202)
>>> at org.jboss.resteasy.plugins.server.servlet.ServletContainerDi
>>> spatcher.service(ServletContainerDispatcher.java:221)
>>> at org.jboss.resteasy.plugins.server.servlet.HttpServletDispatc
>>> her.service(HttpServletDispatcher.java:56)
>>> at org.jboss.resteasy.plugins.server.servlet.HttpServletDispatc
>>> her.service(HttpServletDispatcher.java:51)
>>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:790)
>>> at io.undertow.servlet.handlers.ServletHandler.handleRequest(Se
>>> rvletHandler.java:85)
>>> at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.d
>>> oFilter(FilterHandler.java:129)
>>> at org.keycloak.services.filters.KeycloakSessionServletFilter.d
>>> oFilter(KeycloakSessionServletFilter.java:90)
>>> at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilte
>>> r.java:60)
>>> at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.d
>>> oFilter(FilterHandler.java:131)
>>> at io.undertow.servlet.handlers.FilterHandler.handleRequest(Fil
>>> terHandler.java:84)
>>> at io.undertow.servlet.handlers.security.ServletSecurityRoleHan
>>> dler.handleRequest(ServletSecurityRoleHandler.java:62)
>>> at io.undertow.servlet.handlers.ServletDispatchingHandler.handl
>>> eRequest(ServletDispatchingHandler.java:36)
>>> at org.wildfly.extension.undertow.security.SecurityContextAssoc
>>> iationHandler.handleRequest(SecurityContextAssociationHandler.java:78)
>>> at io.undertow.server.handlers.PredicateHandler.handleRequest(P
>>> redicateHandler.java:43)
>>> at io.undertow.servlet.handlers.security.SSLInformationAssociat
>>> ionHandler.handleRequest(SSLInformationAssociationHandler.java:131)
>>> at io.undertow.servlet.handlers.security.ServletAuthenticationC
>>> allHandler.handleRequest(ServletAuthenticationCallHandler.java:57)
>>> at io.undertow.server.handlers.PredicateHandler.handleRequest(P
>>> redicateHandler.java:43)
>>> at io.undertow.security.handlers.AbstractConfidentialityHandler
>>> .handleRequest(AbstractConfidentialityHandler.java:46)
>>> at io.undertow.servlet.handlers.security.ServletConfidentiality
>>> ConstraintHandler.handleRequest(ServletConfident
>>> ialityConstraintHandler.java:64)
>>> at io.undertow.security.handlers.AuthenticationMechanismsHandle
>>> r.handleRequest(AuthenticationMechanismsHandler.java:60)
>>> at io.undertow.servlet.handlers.security.CachedAuthenticatedSes
>>> sionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:77)
>>> at io.undertow.security.handlers.NotificationReceiverHandler.ha
>>> ndleRequest(NotificationReceiverHandler.java:50)
>>> at io.undertow.security.handlers.AbstractSecurityContextAssocia
>>> tionHandler.handleRequest(AbstractSecurityContextAssociation
>>> Handler.java:43)
>>> at io.undertow.server.handlers.PredicateHandler.handleRequest(P
>>> redicateHandler.java:43)
>>> at org.wildfly.extension.undertow.security.jacc.JACCContextIdHa
>>> ndler.handleRequest(JACCContextIdHandler.java:61)
>>> at io.undertow.server.handlers.PredicateHandler.handleRequest(P
>>> redicateHandler.java:43)
>>> at io.undertow.server.handlers.PredicateHandler.handleRequest(P
>>> redicateHandler.java:43)
>>> at io.undertow.servlet.handlers.ServletInitialHandler.handleFir
>>> stRequest(ServletInitialHandler.java:284)
>>> at io.undertow.servlet.handlers.ServletInitialHandler.dispatchR
>>> equest(ServletInitialHandler.java:263)
>>> at io.undertow.servlet.handlers.ServletInitialHandler.access$00
>>> 0(ServletInitialHandler.java:81)
>>> at io.undertow.servlet.handlers.ServletInitialHandler$1.handleR
>>> equest(ServletInitialHandler.java:174)
>>> at io.undertow.server.Connectors.executeRootHandler(Connectors.
>>> java:202)
>>> at io.undertow.server.HttpServerExchange$1.run(HttpServerExchan
>>> ge.java:793)
>>> at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPool
>>> Executor.java:1142)
>>> at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoo
>>> lExecutor.java:617)
>>> at java.lang.Thread.run(Thread.java:745)
>>> Caused by: java.lang.NullPointerException
>>> at org.keycloak.events.EventBuilder.user(EventBuilder.java:103)
>>> at org.keycloak.services.resources.LoginActionsService.initEven
>>> t(LoginActionsService.java:815)
>>> at org.keycloak.services.resources.LoginActionsService.access$
>>> 500(LoginActionsService.java:88)
>>> at org.keycloak.services.resources.LoginActionsService$Checks.
>>> verifyRequiredAction(LoginActionsService.java:297)
>>> at org.keycloak.services.resources.LoginActionsService.processR
>>> equireAction(LoginActionsService.java:853)
>>> at org.keycloak.services.resources.LoginActionsService.required
>>> ActionGET(LoginActionsService.java:846)
>>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>>> at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAcce
>>> ssorImpl.java:62)
>>> at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMe
>>> thodAccessorImpl.java:43)
>>> at java.lang.reflect.Method.invoke(Method.java:498)
>>> at org.jboss.resteasy.core.MethodInjectorImpl.invoke(MethodInje
>>> ctorImpl.java:139)
>>> at org.jboss.resteasy.core.ResourceMethodInvoker.invokeOnTarget
>>> (ResourceMethodInvoker.java:295)
>>> at org.jboss.resteasy.core.ResourceMethodInvoker.invoke(Resourc
>>> eMethodInvoker.java:249)
>>> at org.jboss.resteasy.core.ResourceLocatorInvoker.invokeOnTarge
>>> tObject(ResourceLocatorInvoker.java:138)
>>> at org.jboss.resteasy.core.ResourceLocatorInvoker.invoke(Resour
>>> ceLocatorInvoker.java:101)
>>> at org.jboss.resteasy.core.SynchronousDispatcher.invoke(Synchro
>>> nousDispatcher.java:395)
>>> ... 37 more
>>
>>
>>
>>
>>
>> 2017-03-09 9:47 GMT-03:00 Celso Agra <celso.agra at gmail.com>:
>>
>>> Got it!
>>>
>>> But I haven't seen the pwdLastSet here in my LDAP`mappers. I'm using the
>>> "Edit Mode" as WRITABLE, but I'm not setting this attribute.
>>> Here is my attributes:
>>>
>>>> cn
>>>> MSAD account controls
>>>> cpf
>>>> creation date
>>>> email
>>>> first name
>>>> last name
>>>> modify date
>>>> phpgwAccountStatus
>>>> username
>>>
>>>
>>> Thanks!!
>>>
>>> Best Regards,
>>>
>>> Celso Agra
>>>
>>> 2017-03-09 5:46 GMT-03:00 Marek Posolda <mposolda at redhat.com>:
>>>
>>>> Hi,
>>>>
>>>> The error may indicate that you configured "pwdLastSet" attribute
>>>> mapper in Keycloak to write into the LDAP, but it looks that writing this
>>>> attribute is unsupported. Maybe switch this mapper to read-only will help?
>>>>
>>>> Marek
>>>>
>>>>
>>>> On 08/03/17 15:29, Celso Agra wrote:
>>>>
>>>>> Hi all,
>>>>>
>>>>> I'm trying to configure KC with LDAP, but some errors are occurring.
>>>>> First, I configured my LDAP to write in the LDAP server, but for some
>>>>> reasons I got this error when I try to register an user:
>>>>>
>>>>> 2017-03-08 11:05:28,862 WARN [org.keycloak.services] (default task-6)
>>>>>
>>>>>> KC-SERVICES0013: Failed authentication: org.keycloak.models.ModelExcep
>>>>>> tion:
>>>>>> Could not modify attribute for DN [uid=11111111111,dc=zz,dc=dd,dc=aa]
>>>>>>
>>>>> at org.keycloak.federation.ldap.i
>>>>> dm.store.ldap.LDAPOperationManager.
>>>>>
>>>>>> modifyAttributes(LDAPOperationManager.java:410)
>>>>>>
>>>>> at org.keycloak.federation.ldap.i
>>>>> dm.store.ldap.LDAPOperationManager.
>>>>>
>>>>>> modifyAttributes(LDAPOperationManager.java:104)
>>>>>>
>>>>> at org.keycloak.federation.ldap.idm.store.ldap.
>>>>>
>>>>>> LDAPIdentityStore.update(LDAPIdentityStore.java:105)
>>>>>>
>>>>> at org.keycloak.federation.ldap.mappers.msad.
>>>>>
>>>>>> MSADUserAccountControlMapper$MSADUserModelDelegate.addRequiredAction(
>>>>>> MSADUserAccountControlMapper.java:235)
>>>>>>
>>>>> at org.keycloak.federation.ldap.mappers.msad.
>>>>>
>>>>>> MSADUserAccountControlMapper$MSADUserModelDelegate.addRequiredAction(
>>>>>> MSADUserAccountControlMapper.java:220)
>>>>>>
>>>>> at org.keycloak.models.utils.User
>>>>> ModelDelegate.addRequiredAction(
>>>>>
>>>>>> UserModelDelegate.java:112)
>>>>>>
>>>>> at org.keycloak.authentication.forms.RegistrationPassword.
>>>>>
>>>>>> success(RegistrationPassword.java:101)
>>>>>>
>>>>> at org.keycloak.authentication.Fo
>>>>> rmAuthenticationFlow.processAction(
>>>>>
>>>>>> FormAuthenticationFlow.java:234)
>>>>>>
>>>>> at org.keycloak.authentication.DefaultAuthenticationFlow.
>>>>>
>>>>>> processAction(DefaultAuthenticationFlow.java:76)
>>>>>>
>>>>> at org.keycloak.authentication.AuthenticationProcessor.
>>>>>
>>>>>> authenticationAction(AuthenticationProcessor.java:759)
>>>>>>
>>>>> at org.keycloak.services.resource
>>>>> s.LoginActionsService.processFlow(
>>>>>
>>>>>> LoginActionsService.java:356)
>>>>>>
>>>>> at org.keycloak.services.resources.LoginActionsService.
>>>>>
>>>>>> processRegistration(LoginActionsService.java:477)
>>>>>>
>>>>> at org.keycloak.services.resources.LoginActionsService.
>>>>>
>>>>>> processRegister(LoginActionsService.java:535)
>>>>>>
>>>>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native
>>>>> Method)
>>>>>
>>>>> at sun.reflect.NativeMethodAccessorImpl.invoke(
>>>>>
>>>>>> NativeMethodAccessorImpl.java:62)
>>>>>>
>>>>> at sun.reflect.DelegatingMethodAccessorImpl.invoke(
>>>>>
>>>>>> DelegatingMethodAccessorImpl.java:43)
>>>>>>
>>>>> at java.lang.reflect.Method.invoke(Method.java:498)
>>>>>
>>>>> at org.jboss.resteasy.core.MethodInjectorImpl.invoke(
>>>>>
>>>>>> MethodInjectorImpl.java:139)
>>>>>>
>>>>> at org.jboss.resteasy.core.Resour
>>>>> ceMethodInvoker.invokeOnTarget(
>>>>>
>>>>>> ResourceMethodInvoker.java:295)
>>>>>>
>>>>> at org.jboss.resteasy.core.ResourceMethodInvoker.invoke(
>>>>>
>>>>>> ResourceMethodInvoker.java:249)
>>>>>>
>>>>> at org.jboss.resteasy.core.ResourceLocatorInvoker.
>>>>>
>>>>>> invokeOnTargetObject(ResourceLocatorInvoker.java:138)
>>>>>>
>>>>> at org.jboss.resteasy.core.ResourceLocatorInvoker.invoke(
>>>>>
>>>>>> ResourceLocatorInvoker.java:101)
>>>>>>
>>>>> at org.jboss.resteasy.core.SynchronousDispatcher.invoke(
>>>>>
>>>>>> SynchronousDispatcher.java:395)
>>>>>>
>>>>> at org.jboss.resteasy.core.SynchronousDispatcher.invoke(
>>>>>
>>>>>> SynchronousDispatcher.java:202)
>>>>>>
>>>>> at org.jboss.resteasy.plugins.server.servlet.
>>>>>
>>>>>> ServletContainerDispatcher.service(ServletContainerDispatche
>>>>>> r.java:221)
>>>>>>
>>>>> at org.jboss.resteasy.plugins.server.servlet.
>>>>>
>>>>>> HttpServletDispatcher.service(HttpServletDispatcher.java:56)
>>>>>>
>>>>> at org.jboss.resteasy.plugins.server.servlet.
>>>>>
>>>>>> HttpServletDispatcher.service(HttpServletDispatcher.java:51)
>>>>>>
>>>>> at javax.servlet.http.HttpServlet
>>>>> .service(HttpServlet.java:790)
>>>>>
>>>>> at io.undertow.servlet.handlers.ServletHandler.handleRequest(
>>>>>
>>>>>> ServletHandler.java:85)
>>>>>>
>>>>> at io.undertow.servlet.handlers.F
>>>>> ilterHandler$FilterChainImpl.
>>>>>
>>>>>> doFilter(FilterHandler.java:129)
>>>>>>
>>>>> at org.keycloak.services.filters.
>>>>> KeycloakSessionServletFilter.
>>>>>
>>>>>> doFilter(KeycloakSessionServletFilter.java:90)
>>>>>>
>>>>> at io.undertow.servlet.core.ManagedFilter.doFilter(
>>>>>
>>>>>> ManagedFilter.java:60)
>>>>>>
>>>>> at io.undertow.servlet.handlers.F
>>>>> ilterHandler$FilterChainImpl.
>>>>>
>>>>>> doFilter(FilterHandler.java:131)
>>>>>>
>>>>> at io.undertow.servlet.handlers.FilterHandler.handleRequest(
>>>>>
>>>>>> FilterHandler.java:84)
>>>>>>
>>>>> at io.undertow.servlet.handlers.s
>>>>> ecurity.ServletSecurityRoleHandler.
>>>>>
>>>>>> handleRequest(ServletSecurityRoleHandler.java:62)
>>>>>>
>>>>> at io.undertow.servlet.handlers.ServletDispatchingHandler.
>>>>>
>>>>>> handleRequest(ServletDispatchingHandler.java:36)
>>>>>>
>>>>> at org.wildfly.extension.undertow.security.
>>>>>
>>>>>> SecurityContextAssociationHandler.handleRequest(
>>>>>> SecurityContextAssociationHandler.java:78)
>>>>>>
>>>>> at io.undertow.server.handlers.Pr
>>>>> edicateHandler.handleRequest(
>>>>>
>>>>>> PredicateHandler.java:43)
>>>>>>
>>>>> at io.undertow.servlet.handlers.security.
>>>>>
>>>>>> SSLInformationAssociationHandler.handleRequest(
>>>>>> SSLInformationAssociationHandler.java:131)
>>>>>>
>>>>> at io.undertow.servlet.handlers.security.
>>>>>
>>>>>> ServletAuthenticationCallHandler.handleRequest(
>>>>>> ServletAuthenticationCallHandler.java:57)
>>>>>>
>>>>> at io.undertow.server.handlers.Pr
>>>>> edicateHandler.handleRequest(
>>>>>
>>>>>> PredicateHandler.java:43)
>>>>>>
>>>>> at io.undertow.security.handlers.
>>>>> AbstractConfidentialityHandler
>>>>>
>>>>>> .handleRequest(AbstractConfidentialityHandler.java:46)
>>>>>>
>>>>> at io.undertow.servlet.handlers.security.
>>>>>
>>>>>> ServletConfidentialityConstraintHandler.handleRequest(
>>>>>> ServletConfidentialityConstraintHandler.java:64)
>>>>>>
>>>>> at io.undertow.security.handlers.
>>>>> AuthenticationMechanismsHandle
>>>>>
>>>>>> r.handleRequest(AuthenticationMechanismsHandler.java:60)
>>>>>>
>>>>> at io.undertow.servlet.handlers.security.
>>>>>
>>>>>> CachedAuthenticatedSessionHandler.handleRequest(
>>>>>> CachedAuthenticatedSessionHandler.java:77)
>>>>>>
>>>>> at io.undertow.security.handlers.NotificationReceiverHandler.
>>>>>
>>>>>> handleRequest(NotificationReceiverHandler.java:50)
>>>>>>
>>>>> at io.undertow.security.handlers.
>>>>> AbstractSecurityContextAssocia
>>>>>
>>>>>> tionHandler.handleRequest(AbstractSecurityContextAssocia
>>>>>> tionHandler.java:43)
>>>>>>
>>>>> at io.undertow.server.handlers.Pr
>>>>> edicateHandler.handleRequest(
>>>>>
>>>>>> PredicateHandler.java:43)
>>>>>>
>>>>> at org.wildfly.extension.undertow.security.jacc.
>>>>>
>>>>>> JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61)
>>>>>>
>>>>> at io.undertow.server.handlers.Pr
>>>>> edicateHandler.handleRequest(
>>>>>
>>>>>> PredicateHandler.java:43)
>>>>>>
>>>>> at io.undertow.server.handlers.Pr
>>>>> edicateHandler.handleRequest(
>>>>>
>>>>>> PredicateHandler.java:43)
>>>>>>
>>>>> at io.undertow.servlet.handlers.ServletInitialHandler.
>>>>>
>>>>>> handleFirstRequest(ServletInitialHandler.java:284)
>>>>>>
>>>>> at io.undertow.servlet.handlers.ServletInitialHandler.
>>>>>
>>>>>> dispatchRequest(ServletInitialHandler.java:263)
>>>>>>
>>>>> at io.undertow.servlet.handlers.ServletInitialHandler.access$
>>>>>
>>>>>> 000(ServletInitialHandler.java:81)
>>>>>>
>>>>> at io.undertow.servlet.handlers.ServletInitialHandler$1.
>>>>>
>>>>>> handleRequest(ServletInitialHandler.java:174)
>>>>>>
>>>>> at io.undertow.server.Connectors.
>>>>> executeRootHandler(Connectors.
>>>>>
>>>>>> java:202)
>>>>>>
>>>>> at io.undertow.server.HttpServerExchange$1.run(
>>>>>
>>>>>> HttpServerExchange.java:793)
>>>>>>
>>>>> at java.util.concurrent.ThreadPoolExecutor.runWorker(
>>>>>
>>>>>> ThreadPoolExecutor.java:1142)
>>>>>>
>>>>> at java.util.concurrent.ThreadPoolExecutor$Worker.run(
>>>>>
>>>>>> ThreadPoolExecutor.java:617)
>>>>>>
>>>>> at java.lang.Thread.run(Thread.java:745)
>>>>>
>>>>> Caused by: javax.naming.directory.InvalidAttributeIdentifierException:
>>>>>
>>>>>> [LDAP: error code 17 - pwdLastSet: attribute type undefined];
>>>>>> remaining
>>>>>> name 'uid=11111111111,dc=zz,dc=dd,dc=aa'
>>>>>>
>>>>> at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3205)
>>>>>
>>>>> at com.sun.jndi.ldap.LdapCtx.proc
>>>>> essReturnCode(LdapCtx.java:3082)
>>>>>
>>>>> at com.sun.jndi.ldap.LdapCtx.proc
>>>>> essReturnCode(LdapCtx.java:2888)
>>>>>
>>>>> at com.sun.jndi.ldap.LdapCtx.c_mo
>>>>> difyAttributes(LdapCtx.java:1475)
>>>>>
>>>>> at com.sun.jndi.toolkit.ctx.Compo
>>>>> nentDirContext.p_modifyAttributes(
>>>>>
>>>>>> ComponentDirContext.java:277)
>>>>>>
>>>>> at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.
>>>>>
>>>>>> modifyAttributes(PartialCompositeDirContext.java:192)
>>>>>>
>>>>> at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.
>>>>>
>>>>>> modifyAttributes(PartialCompositeDirContext.java:181)
>>>>>>
>>>>> at javax.naming.directory.InitialDirContext.modifyAttributes(
>>>>>
>>>>>> InitialDirContext.java:167)
>>>>>>
>>>>> at javax.naming.directory.InitialDirContext.modifyAttributes(
>>>>>
>>>>>> InitialDirContext.java:167)
>>>>>>
>>>>> at org.keycloak.federation.ldap.idm.store.ldap.
>>>>>
>>>>>> LDAPOperationManager$6.execute(LDAPOperationManager.java:405)
>>>>>>
>>>>> at org.keycloak.federation.ldap.idm.store.ldap.
>>>>>
>>>>>> LDAPOperationManager$6.execute(LDAPOperationManager.java:402)
>>>>>>
>>>>> at org.keycloak.federation.ldap.idm.store.ldap.
>>>>>
>>>>>> LDAPOperationManager.execute(LDAPOperationManager.java:535)
>>>>>>
>>>>> at org.keycloak.federation.ldap.i
>>>>> dm.store.ldap.LDAPOperationManager.
>>>>>
>>>>>> modifyAttributes(LDAPOperationManager.java:402)
>>>>>>
>>>>> ... 59 more
>>>>>
>>>>> 2017-03-08 11:05:28,865 WARN [org.keycloak.events] (default task-6)
>>>>>
>>>>>> type=LOGIN_ERROR, realmId=myrealm, clientId=teste-portal, userId=null,
>>>>>> ipAddress=xxx.xxx.xxx.xxx, error=invalid_user_credentials,
>>>>>> auth_method=openid-connect, auth_type=code, redirect_uri=
>>>>>> http://127.0.0.1:
>>>>>> 8080/teste-portal/
>>>>>>
>>>>>
>>>>> and then, I got this result in my ldap:
>>>>>
>>>>> dn: uid=11111111111,dc=zz,dc=dd,dc=aa
>>>>>
>>>>> givenName:: IA==
>>>>>
>>>>> uid: 11111111111
>>>>>
>>>>> objectClass: top
>>>>>
>>>>> objectClass: inetOrgPerson
>>>>>
>>>>> objectClass: person
>>>>>
>>>>> objectClass: organizationalPerson
>>>>>
>>>>> objectClass: phpgwAccount
>>>>>
>>>>> objectClass: shadowAccount
>>>>>
>>>>> sn:: IA==
>>>>>
>>>>> cn:: IA==
>>>>>
>>>>> structuralObjectClass: inetOrgPerson
>>>>>
>>>>> entryUUID: 07f0e7caxxxxxxxxxxx
>>>>>
>>>>> creatorsName: cn=admin,dc=zz,dc=dd,dc=aa
>>>>>
>>>>> createTimestamp: 20170308140529Z
>>>>>
>>>>> entryCSN: 20170308140529.527857Z#000000#000#000000
>>>>>
>>>>> modifiersName: cn=admin,dc=zz,dc=dd,dc=aa
>>>>>
>>>>> modifyTimestamp: 20170308140529Z
>>>>>
>>>>>
>>>>> So, I wrote the uid as 11111111111, but I didn't set the sn, cn and
>>>>> givenName as 'IA=='. It looks like some problem occurs in my
>>>>> configuration.
>>>>>
>>>>> please, need help!!
>>>>>
>>>>>
>>>>> Best Regards,
>>>>>
>>>>>
>>>>
>>>
>>>
>>> --
>>> ---
>>> *Celso Agra*
>>>
>>
>>
>>
>> --
>> ---
>> *Celso Agra*
>>
>>
>>
>
>
> --
> ---
> *Celso Agra*
>
--
---
*Celso Agra*
More information about the keycloak-user
mailing list