<html>
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<div class="moz-cite-prefix">Could you please create JIRA for this?<br>
<br>
Thanks,<br>
Marek<br>
<br>
On 09/08/16 15:56, Edgar Vonk - Info.nl wrote:<br>
</div>
<blockquote cite="mid:8F784300-4515-4448-8381-0B55EB457362@info.nl"
type="cite">
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
Hi Marek,
<div class=""><br class="">
</div>
<div class="">Sorry, never mind. We were missing the ‘cn’ user
attribute mapper for some reason.. Adding this mapper fixes the
issue. I did manage to reproduce the issue by debugging (using
my IDE) the Keycloak source code in LDAPUtils#addUserToLDAP</div>
<div class=""><br class="">
</div>
<div class="">In UsersResource#createUser a ModelException is
caught but never logged so this information gets lost
completely: </div>
<div class=""><br class="">
</div>
<div class=""><br class="">
</div>
<div class="">catch (ModelException me){<br class="">
if (session.getTransaction().isActive()) {<br class="">
session.getTransaction().setRollbackOnly();<br class="">
}<br class="">
return ErrorResponse.exists("Could not create user");<br
class="">
}</div>
<div class=""><br class="">
</div>
<div class=""><br class="">
</div>
<div class="">It would be great if some exception logging could be
added to this class to help in troubleshooting.</div>
<div class=""><br class="">
</div>
<div class="">cheers</div>
<div class=""><br class="">
</div>
<div class="">Edgar</div>
<div class=""><br class="">
</div>
<div class="">
<div>
<blockquote type="cite" class="">
<div class="">On 09 Aug 2016, at 15:07, Marek Posolda <<a
moz-do-not-send="true" href="mailto:mposolda@redhat.com"
class=""><a class="moz-txt-link-abbreviated" href="mailto:mposolda@redhat.com">mposolda@redhat.com</a></a>> wrote:</div>
<br class="Apple-interchange-newline">
<div class="">
<div bgcolor="#FFFFFF" text="#000000" class="">
<div class="moz-cite-prefix">Maybe enable LDAP logging
will help? You can enable TRACE logging for
"org.keycloak.federation.<span
style="background-color:#e4e4ff;" class="">ldap" in
standalone.xml and see what's logged into server.log
when you try to create Keycloak user?<br class="">
<br class="">
Marek<br class="">
</span><br class="">
On 09/08/16 10:18, Edgar Vonk - <a
moz-do-not-send="true" href="http://info.nl"
class="">Info.nl</a> wrote:<br class="">
</div>
<blockquote
cite="mid:3286EE03-E0AC-41DE-8F7F-29FE963D990B@info.nl"
type="cite" class="">
<pre class="" wrap="">Hi,
We no longer seem to be able to create new users in Keycloak with the LDAP/MSAD User Federation set up with ‘Sync Registrations’ turned on.
I think this is since we migrated to Keycloak 2.0.0.Final (not 100% sure).
When I try to create a new user from Keycloak (Manage - Users) I only see the error message ‘Error! Could not create user’ but nothing else. Nothing in the logs unfortunately. Not even at the debug level.
Any pointers on where to start looking for a solution? I have the Keycloak source code available.
cheers
Edgar
_______________________________________________
keycloak-user mailing list
<a moz-do-not-send="true" class="moz-txt-link-abbreviated" href="mailto:keycloak-user@lists.jboss.org">keycloak-user@lists.jboss.org</a>
<a moz-do-not-send="true" class="moz-txt-link-freetext" href="https://lists.jboss.org/mailman/listinfo/keycloak-user">https://lists.jboss.org/mailman/listinfo/keycloak-user</a></pre>
</blockquote>
<br class="">
</div>
</div>
</blockquote>
</div>
<br class="">
</div>
</blockquote>
<br>
</body>
</html>