DevTest IAM Error: org.keycloak.models.ModelException: User returned from LDAP has null uuid!

Article ID: 129535

Updated On:

Products

CA Application Test, Service Virtualization, CA Continuous Application Insight (PathFinder)

Issue/Introduction

The following error appears in the DevTest IAM server.log when logging in to IAM with LDAP credentials:

2019-03-14 15:17:00,676 ERROR [org.keycloak.services.error.KeycloakErrorHandler] (default task-38) Uncaught server error: org.keycloak.models.ModelException: User returned from LDAP has null uuid! Check configuration of your LDAP settings. UUID Attribute must be unique among your LDAP records and available on all the LDAP user records. If your LDAP server really doesn't support the notion of UUID, you can use any other attribute, which is supposed to be unique among LDAP users in tree. For example 'uid' or 'entryDN' . Mapped UUID LDAP attribute: objectGUID, user DN: cn=USER2,ou=internal,o=key

Cause

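The LDAP server being used does not support the notion of UUID, so the mapped UUID attribute (objectGUID in the log above) is not returned for the user record.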

Environment

Release:
Component: ITKOTF

Resolution

Within IAM, set the value of "UUID LDAP Attribute" to uid on the User Federation Settings page.

In another LDAP system with this error, there was an employee-number that uniquely identified the user.
After using that in the "UUID LDAP Attribute" field, the error 'User returned from LDAP has null uuid' was resolved.
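
Before changing "UUID LDAP Attribute", it helps to confirm that the replacement attribute meets the two conditions named in the error message: present on every user record and unique among them. The following check is an added example, not part of the original article or of DevTest or Keycloak; it assumes the user subtree has been exported as LDIF, and the sample entries, the `employeeNumber` attribute name and the function names are constructed for illustration.

```python
import base64
from collections import defaultdict

# Constructed LDIF export of the user subtree (sample data, not from a real directory).
SAMPLE_LDIF = """\
dn: cn=USER2,ou=internal,o=key
uid: user2
employeeNumber: 1002

dn: cn=USER3,ou=internal,o=key
uid: user3
employeeNumber:: MTAwMg==

dn: cn=SVC1,ou=internal,o=key
uid: svc1
"""

def parse_ldif(text):
    """Return {dn: {attr_lower: [value_bytes]}}; handles folded lines and base64 values."""
    entries, current = {}, None
    for line in text.replace("\n ", "").splitlines():   # unfold continuation lines
        if not line.strip():
            current = None                              # blank line ends the entry
        elif not line.startswith("#") and ":" in line:
            name, _, value = line.partition(":")
            raw = base64.b64decode(value[1:].strip()) if value.startswith(":") else value.strip().encode()
            if name.lower() == "dn":
                current = entries.setdefault(raw.decode("utf-8", "replace"), defaultdict(list))
            elif current is not None:
                current[name.lower()].append(raw)
    return entries

def check_uuid_attribute(entries, attr):
    """List DNs lacking `attr` and values of `attr` that more than one DN shares."""
    missing, owners = [], defaultdict(list)
    for dn, attrs in entries.items():
        values = attrs.get(attr.lower(), [])
        if not values:
            missing.append(dn)
        for value in values:
            owners[value].append(dn)
    duplicates = {v: dns for v, dns in owners.items() if len(dns) > 1}
    return {"missing": missing, "duplicates": duplicates, "usable": not missing and not duplicates}

if __name__ == "__main__":
    entries = parse_ldif(SAMPLE_LDIF)
    for candidate in ("objectGUID", "employeeNumber", "uid"):
        print(candidate, check_uuid_attribute(entries, candidate))
```

In the constructed sample, `objectGUID` is missing everywhere (the condition behind the error), `employeeNumber` is missing on one entry and duplicated on two others, and only `uid` passes both checks.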