<div dir="ltr"><div><span style="font-size:12.8000001907349px">I'm trying to add a new user federation provider to integrate Keycloak with an LDAP server.</span><div style="font-size:12.8000001907349px"><br></div><div style="font-size:12.8000001907349px">The parameters:</div><span style="font-size:12.8000001907349px">Console display name -> Active Directory</span><div style="font-size:12.8000001907349px">Priority -> 0</div><div style="font-size:12.8000001907349px">Edit Mode -> READ_ONLY</div><div style="font-size:12.8000001907349px">Sync Registrations -> OFF</div><div style="font-size:12.8000001907349px">Vendor -> Active Directory</div><div style="font-size:12.8000001907349px">Username LDAP attribute -> sAMAccountName</div><div style="font-size:12.8000001907349px">User Object Classes -> person, organizationPerson, user</div><div style="font-size:12.8000001907349px">Connection URL -> ldap://<a href="http://dom.example.com:389/" target="_blank">dom.example.com:389</a></div><div style="font-size:12.8000001907349px">Base DN -> DC=dom,DC=example,DC=com</div><div style="font-size:12.8000001907349px">User DN Suffix -> CN=Users</div><div style="font-size:12.8000001907349px">Bind DN -> CN=Keycloak.LDAP;CN=Users;DC=dom,DC=example,DC=com</div><span style="font-size:12.8000001907349px">Bind Credential -> ********</span><div style="font-size:12.8000001907349px">Connection pooling -> ON</div><div style="font-size:12.8000001907349px">Pagination -> ON</div><div style="font-size:12.8000001907349px">Enable Account After Password Update -> OFF</div><div style="font-size:12.8000001907349px">Batch Size -> 100</div><div style="font-size:12.8000001907349px">Periodic Full Sync -> OFF</div><div style="font-size:12.8000001907349px">Periodic changed users sync -> ON</div><div style="font-size:12.8000001907349px">Changed users sync period -> 86400</div><div style="font-size:12.8000001907349px"><br></div><div style="font-size:12.8000001907349px">I tried changing User DN Suffix to only Users, but 
it does not work. The log always says:</div><div style="font-size:12.8000001907349px">LDAP: error code 1 - 000020D6: SvcErr: DSID-031007DB, problem 5012 (DIR_ERROR)</div><div style="font-size:12.8000001907349px">And it says this when it tries to parse the User DN Suffix.</div><div style="font-size:12.8000001907349px"><br></div><div style="font-size:12.8000001907349px">Is there something wrong with my conf?</div></div><br clear="all"><div><div class="gmail_signature"><div dir="ltr">Ayrton Araújo<br><div><font face="'trebuchet ms', sans-serif"><font size="1">"If you can tell the false from the true </font><span style="font-size:x-small">you are already a scientist."</span></font></div><div><br></div><div>--<br><div><a href="http://ayr-ton.net/" target="_blank">http://ayr-ton.net/</a></div></div></div></div></div>
</div>