[keycloak-user] Can no longer create users in Active Directory from Keycloak

Marek Posolda mposolda at redhat.com
Wed Aug 10 05:17:20 EDT 2016 

Could you please create JIRA for this?

Thanks,
Marek

On 09/08/16 15:56, Edgar Vonk - Info.nl wrote:
> Hi Marek,
>
> Sorry, never mind. We were missing the ‘cn’ user attribute mapper for 
> some reason.. Adding this mapper fixes the issue. I did manage to 
> reproduce the issue by debugging (using my IDE) the Keycloak source 
> code in LDAPUtils#addUserToLDAP
>
> In UsersResource#createUser a ModelException is caught but never 
> logged so this information gets lost completely:
>
>
> catch (ModelException me){
>     if (session.getTransaction().isActive()) {
>         session.getTransaction().setRollbackOnly();
>     }
>     return ErrorResponse.exists("Could not create user");
> }
>
>
> It would be great if some exception logging could be added to this 
> class to help in troubleshooting.
>
> cheers
>
> Edgar
>
>> On 09 Aug 2016, at 15:07, Marek Posolda <mposolda at redhat.com 
>> <mailto:mposolda at redhat.com>> wrote:
>>
>> Maybe enable LDAP logging will help? You can enable TRACE logging for 
>> "org.keycloak.federation.ldap" in standalone.xml and see what's 
>> logged into server.log when you try to create Keycloak user?
>>
>> Marek
>>
>> On 09/08/16 10:18, Edgar Vonk - Info.nl <http://info.nl> wrote:
>>> Hi,
>>>
>>> We no longer seem to be able to create new users in Keycloak with the LDAP/MSAD User Federation set up with ‘Sync Registrations’ turned on.
>>>
>>> I think this is since we migrated to Keycloak 2.0.0.Final (not 100% sure).
>>>
>>> When I try to create a new user from Keycloak (Manage - Users) I only see the error message ‘Error! Could not create user’ but nothing else. Nothing in the logs unfortunately. Not even at the debug level.
>>>
>>> Any pointers on where to start looking for a solution? I have the Keycloak source code available.
>>>
>>> cheers
>>>
>>> Edgar
>>>
>>> _______________________________________________
>>> keycloak-user mailing list
>>> keycloak-user at lists.jboss.org
>>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20160810/a85adb74/attachment.html

More information about the keycloak-user mailing list