<div dir="ltr">Hi Marek,<div>Indeed it was.</div><div><br></div><div>Thanks a lot,</div><div>Adrian</div></div><div class="gmail_extra"><br><div class="gmail_quote">On Wed, Dec 2, 2015 at 3:30 PM, Marek Posolda <span dir="ltr">&lt;<a href="mailto:mposolda@redhat.com" target="_blank">mposolda@redhat.com</a>&gt;</span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">

  <div text="#000000" bgcolor="#FFFFFF">

    <div>I think it&#39;s the password policy issue

      on AD side. See <a href="http://ldapwiki.willeke.com/wiki/WILL_NOT_PERFORM" target="_blank">http://ldapwiki.willeke.com/wiki/WILL_NOT_PERFORM</a>

      and especially the part related to your error code 0000052D<br>

      <br>

      Marek<div><div class="h5"><font color="#ff0000"><br>

        <br>

      </font>On 02/12/15 14:02, Adrian Matei wrote:<br>

    </div></div></div>

    <blockquote type="cite"><div><div class="h5">

      <div dir="ltr">hi,

        <div><br>

        </div>

        <div>has anybody got the following type of error when trying to

          add/passwords using AD as user federation:</div>

        <div><br>

        </div>

        <blockquote style="margin:0 0 0 40px;border:none;padding:0px">

          <div>

            <div><font color="#ff0000">Caused by:

                javax.naming.OperationNotSupportedException: [LDAP:

                error code 53 - 0000052D: SvcErr: DSID-031A12D2, problem

                5003 <b>(WILL_NOT_PERFORM)</b>, data 0</font></div>

          </div>

          <div>

            <div><font color="#ff0000">]; remaining name

                &#39;CN=ama,OU=Keycloakmanaged,OU=Test,DC=extnett,DC=xxx,DC=yy&#39;</font></div>

          </div>

          <div>

            <div><font color="#ff0000"><span style="white-space:pre-wrap">        </span>at

com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3160)</font></div>

          </div>

          <div>

            <div><font color="#ff0000"><span style="white-space:pre-wrap">        </span>at

com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3033)</font></div>

          </div>

          <div>

            <div><font color="#ff0000"><span style="white-space:pre-wrap">        </span>at

com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2840)</font></div>

          </div>

          <div>

            <div><font color="#ff0000"><span style="white-space:pre-wrap">        </span>at

com.sun.jndi.ldap.LdapCtx.c_modifyAttributes(LdapCtx.java:1478)</font></div>

          </div>

          <div>

            <div><font color="#ff0000"><span style="white-space:pre-wrap">        </span>at

com.sun.jndi.toolkit.ctx.ComponentDirContext.p_modifyAttributes(ComponentDirContext.java:273)</font></div>

          </div>

          <div>

            <div><font color="#ff0000"><span style="white-space:pre-wrap">        </span>at

com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.modifyAttributes(PartialCompositeDirContext.java:190)</font></div>

          </div>

          <div>

            <div><font color="#ff0000"><span style="white-space:pre-wrap">        </span>at

com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.modifyAttributes(PartialCompositeDirContext.java:179)</font></div>

          </div>

          <div>

            <div><font color="#ff0000"><span style="white-space:pre-wrap">        </span>at

javax.naming.directory.InitialDirContext.modifyAttributes(InitialDirContext.java:167)</font></div>

          </div>

          <div>

            <div><font color="#ff0000"><span style="white-space:pre-wrap">        </span>at

javax.naming.directory.InitialDirContext.modifyAttributes(InitialDirContext.java:167)</font></div>

          </div>

          <div>

            <div><font color="#ff0000"><span style="white-space:pre-wrap">        </span>at

org.keycloak.federation.ldap.idm.store.ldap.LDAPOperationManager$6.execute(LDAPOperationManager.java:386)</font></div>

          </div>

          <div>

            <div><font color="#ff0000"><span style="white-space:pre-wrap">        </span>at

org.keycloak.federation.ldap.idm.store.ldap.LDAPOperationManager$6.execute(LDAPOperationManager.java:383)</font></div>

          </div>

          <div>

            <div><font color="#ff0000"><span style="white-space:pre-wrap">        </span>at

org.keycloak.federation.ldap.idm.store.ldap.LDAPOperationManager.execute(LDAPOperationManager.java:519)</font></div>

          </div>

          <div>

            <div><font color="#ff0000"><span style="white-space:pre-wrap">        </span>at

org.keycloak.federation.ldap.idm.store.ldap.LDAPOperationManager.modifyAttributes(LDAPOperationManager.java:383)</font></div>

          </div>

          <div>

            <div><font color="#ff0000"><span style="white-space:pre-wrap">        </span>...

                64 more</font></div>

          </div>

        </blockquote>

        <div><br>

        </div>

        <div><br>

        </div>

        <div>I get the same error when I try to &quot;manually&quot; add the <i>unicodePwd

          </i>via the ApacheDirectoryStudio for example...</div>

        <div>The connection is over SSL and both parties trust each

          other...</div>

        <div><br>

        </div>

        <div>Thanks,</div>

        <div>Adrian</div>

      </div>

      <br>

      <fieldset></fieldset>

      <br>

      </div></div><pre>_______________________________________________

keycloak-user mailing list

<a href="mailto:keycloak-user@lists.jboss.org" target="_blank">keycloak-user@lists.jboss.org</a>

<a href="https://lists.jboss.org/mailman/listinfo/keycloak-user" target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-user</a></pre>

    </blockquote>

    <br>

  </div>

</blockquote></div><br></div>