<html>
  <head>
    <meta content="text/html; charset=windows-1252"
      http-equiv="Content-Type">
  </head>
  <body text="#000000" bgcolor="#FFFFFF">
    <div class="moz-cite-prefix">I think it's the password policy issue
      on AD side. See <a class="moz-txt-link-freetext" href="http://ldapwiki.willeke.com/wiki/WILL_NOT_PERFORM">http://ldapwiki.willeke.com/wiki/WILL_NOT_PERFORM</a>
      and especially the part related to your error code 0000052D<br>
      <br>
      Marek<font color="#ff0000"><br>
        <br>
      </font>On 02/12/15 14:02, Adrian Matei wrote:<br>
    </div>
    <blockquote
cite="mid:CAG=THF3pdP6sjKnh8v6Jxxs7X16UFrVCz+mJqni8OZ=adHm+-A@mail.gmail.com"
      type="cite">
      <div dir="ltr">hi,
        <div><br>
        </div>
        <div>has anybody got the following type of error when trying to
          add/passwords using AD as user federation:</div>
        <div><br>
        </div>
        <blockquote style="margin:0 0 0 40px;border:none;padding:0px">
          <div>
            <div><font color="#ff0000">Caused by:
                javax.naming.OperationNotSupportedException: [LDAP:
                error code 53 - 0000052D: SvcErr: DSID-031A12D2, problem
                5003 <b>(WILL_NOT_PERFORM)</b>, data 0</font></div>
          </div>
          <div>
            <div><font color="#ff0000">]; remaining name
                'CN=ama,OU=Keycloakmanaged,OU=Test,DC=extnett,DC=xxx,DC=yy'</font></div>
          </div>
          <div>
            <div><font color="#ff0000"><span class="" style="white-space:pre">        </span>at
com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3160)</font></div>
          </div>
          <div>
            <div><font color="#ff0000"><span class="" style="white-space:pre">        </span>at
com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3033)</font></div>
          </div>
          <div>
            <div><font color="#ff0000"><span class="" style="white-space:pre">        </span>at
com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2840)</font></div>
          </div>
          <div>
            <div><font color="#ff0000"><span class="" style="white-space:pre">        </span>at
com.sun.jndi.ldap.LdapCtx.c_modifyAttributes(LdapCtx.java:1478)</font></div>
          </div>
          <div>
            <div><font color="#ff0000"><span class="" style="white-space:pre">        </span>at
com.sun.jndi.toolkit.ctx.ComponentDirContext.p_modifyAttributes(ComponentDirContext.java:273)</font></div>
          </div>
          <div>
            <div><font color="#ff0000"><span class="" style="white-space:pre">        </span>at
com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.modifyAttributes(PartialCompositeDirContext.java:190)</font></div>
          </div>
          <div>
            <div><font color="#ff0000"><span class="" style="white-space:pre">        </span>at
com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.modifyAttributes(PartialCompositeDirContext.java:179)</font></div>
          </div>
          <div>
            <div><font color="#ff0000"><span class="" style="white-space:pre">        </span>at
javax.naming.directory.InitialDirContext.modifyAttributes(InitialDirContext.java:167)</font></div>
          </div>
          <div>
            <div><font color="#ff0000"><span class="" style="white-space:pre">        </span>at
javax.naming.directory.InitialDirContext.modifyAttributes(InitialDirContext.java:167)</font></div>
          </div>
          <div>
            <div><font color="#ff0000"><span class="" style="white-space:pre">        </span>at
org.keycloak.federation.ldap.idm.store.ldap.LDAPOperationManager$6.execute(LDAPOperationManager.java:386)</font></div>
          </div>
          <div>
            <div><font color="#ff0000"><span class="" style="white-space:pre">        </span>at
org.keycloak.federation.ldap.idm.store.ldap.LDAPOperationManager$6.execute(LDAPOperationManager.java:383)</font></div>
          </div>
          <div>
            <div><font color="#ff0000"><span class="" style="white-space:pre">        </span>at
org.keycloak.federation.ldap.idm.store.ldap.LDAPOperationManager.execute(LDAPOperationManager.java:519)</font></div>
          </div>
          <div>
            <div><font color="#ff0000"><span class="" style="white-space:pre">        </span>at
org.keycloak.federation.ldap.idm.store.ldap.LDAPOperationManager.modifyAttributes(LDAPOperationManager.java:383)</font></div>
          </div>
          <div>
            <div><font color="#ff0000"><span class="" style="white-space:pre">        </span>...
                64 more</font></div>
          </div>
        </blockquote>
        <div><br>
        </div>
        <div><br>
        </div>
        <div>I get the same error when I try to "manually" add the <i>unicodePwd
          </i>via the ApacheDirectoryStudio for example...</div>
        <div>The connection is over SSL and both parties trust each
          other...</div>
        <div><br>
        </div>
        <div>Thanks,</div>
        <div>Adrian</div>
      </div>
      <br>
      <fieldset class="mimeAttachmentHeader"></fieldset>
      <br>
      <pre wrap="">_______________________________________________
keycloak-user mailing list
<a class="moz-txt-link-abbreviated" href="mailto:keycloak-user@lists.jboss.org">keycloak-user@lists.jboss.org</a>
<a class="moz-txt-link-freetext" href="https://lists.jboss.org/mailman/listinfo/keycloak-user">https://lists.jboss.org/mailman/listinfo/keycloak-user</a></pre>
    </blockquote>
    <br>
  </body>
</html>