DevTest IAM Error: org.keycloak.models.ModelException: User returned from LDAP has null uuid!
book
Article ID: 129535
calendar_today
Updated On:
Products
CA Application TestService VirtualizationCA Continuous Application Insight (PathFinder)
Issue/Introduction
Getting this error is DevTest IAM server.log when logging in with LDAP credentials to IAM:
2019-03-14 15:17:00,676 ERROR [org.keycloak.services.error.KeycloakErrorHandler] (default task-38) Uncaught server error: org.keycloak.models.ModelException: User returned from LDAP has null uuid! Check configuration of your LDAP settings. UUID Attribute must be unique among your LDAP records and available on all the LDAP user records. If your LDAP server really doesn't support the notion of UUID, you can use any other attribute, which is supposed to be unique among LDAP users in tree. For example 'uid' or 'entryDN' . Mapped UUID LDAP attribute: objectGUID, user DN: cn=USER2,ou=internal,o=key
Cause
LDAP server being used does not support the notion of UUID.
Environment
Release: Component: ITKOTF
Resolution
Within IAM, set the value of "UUID LDAP Attribute" to uid on the User Federation Settings page.
In another LDAP system with this error, there was an employee-number that uniquely identified the user. After using that in the "UUID LDAP Attribute" field, the error 'User returned from LDAP has null uuid' was resolved.