5:37 a.m.
Hello, i created a new ldap federation in the keycloak settings and
imported all users. The thing is that the username attribute was mapped to
the ldap cn attribute whereas the username in active directory is
sAMAccountName. Therefore i changed the ldapAttribute to that.
Now when i go to my ldap settings page and click on "Synchronize" the users
fail to update and i am getting this error:
13:31:53,899 ERROR
[org.keycloak.federation.ldap.LDAPFederationProviderFactory] (default
task-25) Failed during import user from LDAP: org.keycloak.mo
dels.ModelException: User returned from LDAP has null username! Check
configuration of your LDAP mappings. Mapped username LDAP attribute: cn,
user DN
: CN=internal2 lastname,OU=DTPH,DC=dls,DC=lan, attributes from LDAP:
{whenChanged=[20160217110433.0Z], whenCreated=[20160217110433.0Z],
sAMAccountName
=[internal2], givenName=[internal2], sn=[lastname],
userAccountControl=[512], pwdLastSet=[131001806735067575]}
If u put it back to cn it works, but i want to use sAMAccountName for the
username.
Why does this happen ?
6:48 a.m.
Hi Porfyrios,
Not completely sure but it might be this issue or related to it:
https://issues.jboss.org/browse/KEYCLOAK-2403
?
cheers
On 17 Feb 2016, at 12:37, Porfyrios Vasileiou
<porfyrios.vasileiou@gmail.com<mailto:porfyrios.vasileiou@gmail.com>> wrote:
Hello, i created a new ldap federation in the keycloak settings and imported all users.
The thing is that the username attribute was mapped to the ldap cn attribute whereas the
username in active directory is sAMAccountName. Therefore i changed the ldapAttribute to
that.
Now when i go to my ldap settings page and click on "Synchronize" the users fail
to update and i am getting this error:
13:31:53,899 ERROR [org.keycloak.federation.ldap.LDAPFederationProviderFactory] (default
task-25) Failed during import user from LDAP:
org.keycloak.mo<http://org.keycloak.mo/>
dels.ModelException: User returned from LDAP has null username! Check configuration of
your LDAP mappings. Mapped username LDAP attribute: cn, user DN
: CN=internal2 lastname,OU=DTPH,DC=dls,DC=lan, attributes from LDAP:
{whenChanged=[20160217110433.0Z], whenCreated=[20160217110433.0Z], sAMAccountName
=[internal2], givenName=[internal2], sn=[lastname], userAccountControl=[512],
pwdLastSet=[131001806735067575]}
If u put it back to cn it works, but i want to use sAMAccountName for the username.
Why does this happen ?
_______________________________________________
keycloak-user mailing list
keycloak-user@lists.jboss.org<mailto:keycloak-user@lists.jboss.org>
https://lists.jboss.org/mailman/listinfo/keycloak-user
2:45 p.m.
I guess you changed just "Username LDAP attribute" but you didn't change
the username mapper? See "mappers" tab under ldap federation provider.
When you create new LDAP federation provider, there are some set of
default LDAP mappers automatically created. There is best effort to
create set of mappers based on the initial configuration you provided.
But once you later update the configuration, the mappers are not updated
anymore (because it's chance you already did some changes to mapper
configuration in the meantime).
If you can't figure mapper configuration, you can try to create
federationProvider from the scratch with the "sAMAccountName" from the
start.
Hope it helps,
Marek
On 17/02/16 12:37, Porfyrios Vasileiou wrote:
Hello, i created a new ldap federation in the keycloak settings and
imported all users. The thing is that the username attribute was
mapped to the ldap cn attribute whereas the username in active
directory is sAMAccountName. Therefore i changed the ldapAttribute to
that.
Now when i go to my ldap settings page and click on "Synchronize" the
users fail to update and i am getting this error:
13:31:53,899 ERROR
[org.keycloak.federation.ldap.LDAPFederationProviderFactory] (default
task-25) Failed during import user from LDAP: org.keycloak.mo
<http://org.keycloak.mo>
dels.ModelException: User returned from LDAP has null username! Check
configuration of your LDAP mappings. Mapped username LDAP attribute:
cn, user DN
: CN=internal2 lastname,OU=DTPH,DC=dls,DC=lan, attributes from LDAP:
{whenChanged=[20160217110433.0Z], whenCreated=[20160217110433.0Z],
sAMAccountName
=[internal2], givenName=[internal2], sn=[lastname],
userAccountControl=[512], pwdLastSet=[131001806735067575]}
If u put it back to cn it works, but i want to use sAMAccountName for
the username.
Why does this happen ?
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
3027
days inactive
3027
days old
2 comments
3 participants
participants (3)
-
Edgar Vonk - Info.nl -
Marek Posolda -
Porfyrios Vasileiou