[keycloak-user] LDAP username mapping from active directory fails
Porfyrios Vasileiou
porfyrios.vasileiou at gmail.com
Wed Feb 17 06:37:58 EST 2016
Hello, I created a new LDAP federation in the Keycloak settings and
imported all users. The thing is that the username attribute was mapped to
the LDAP cn attribute whereas the username in Active Directory is
sAMAccountName. Therefore I changed the ldapAttribute to that.
Now when I go to my LDAP settings page and click on "Synchronize" the users
fail to update and I am getting this error:
13:31:53,899 ERROR [org.keycloak.federation.ldap.LDAPFederationProviderFactory] (default task-25) Failed during import user from LDAP: org.keycloak.models.ModelException: User returned from LDAP has null username! Check configuration of your LDAP mappings. Mapped username LDAP attribute: cn, user DN: CN=internal2 lastname,OU=DTPH,DC=dls,DC=lan, attributes from LDAP: {whenChanged=[20160217110433.0Z], whenCreated=[20160217110433.0Z], sAMAccountName=[internal2], givenName=[internal2], sn=[lastname], userAccountControl=[512], pwdLastSet=[131001806735067575]}
If you put it back to cn it works, but I want to use sAMAccountName for the
username.
Why does this happen?
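Added example, not part of the original post and not Keycloak code: a Python check that parses the "null username" error quoted above (hard line wraps included) and reports which LDAP attribute the username was read from and whether the entry actually carried it. The names SAMPLE, ERROR_RE, ATTR_RE and diagnose are hypothetical, and the script only restates what the log line contains.

```python
import re

# The error text from the post, with the archive's hard line wraps kept.
SAMPLE = """\
13:31:53,899 ERROR
[org.keycloak.federation.ldap.LDAPFederationProviderFactory] (default
task-25) Failed during import user from LDAP: org.keycloak.mo
dels.ModelException: User returned from LDAP has null username! Check
configuration of your LDAP mappings. Mapped username LDAP attribute: cn,
user DN
: CN=internal2 lastname,OU=DTPH,DC=dls,DC=lan, attributes from LDAP:
{whenChanged=[20160217110433.0Z], whenCreated=[20160217110433.0Z],
sAMAccountName
=[internal2], givenName=[internal2], sn=[lastname],
userAccountControl=[512], pwdLastSet=[131001806735067575]}
"""

ERROR_RE = re.compile(
    r"Mapped\s+username\s+LDAP\s+attribute:\s*(?P<attr>[^,\s]+)\s*,"
    r"\s*user\s+DN\s*:\s*(?P<dn>.+?),\s*attributes\s+from\s+LDAP:"
    r"\s*\{(?P<attrs>.*)\}", re.DOTALL)
ATTR_RE = re.compile(r"(\w[\w;-]*)\s*=\s*\[([^\]]*)\]")

def diagnose(log_text):
    """Return what the 'null username' error says about the mapping, or None."""
    m = ERROR_RE.search(log_text)
    if m is None:
        return None
    returned = {name: [v.strip() for v in values.split(",")]
                for name, values in ATTR_RE.findall(m.group("attrs"))}
    mapped = m.group("attr")
    # LDAP attribute names are case-insensitive, so compare lower-cased.
    present = mapped.lower() in {name.lower() for name in returned}
    return {
        "mapped_attribute": mapped,
        "user_dn": " ".join(m.group("dn").split()),
        "returned_attributes": sorted(returned),
        "mapped_attribute_returned": present,
        "values": returned,
    }

if __name__ == "__main__":
    report = diagnose(SAMPLE)
    print("username is read from:", report["mapped_attribute"])
    print("attributes in the entry:", ", ".join(report["returned_attributes"]))
    if not report["mapped_attribute_returned"]:
        print("the mapped attribute is not in the entry, so the username is null")
```

For the log in the post this reports that the username is still read from cn, while the entry returned by the directory carries sAMAccountName but no cn.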