DevTest IAM Error: org.keycloak.models.ModelException: User returned from LDAP has null uuid!
Article ID: 129535
CA Application TestService VirtualizationCA Continuous Application Insight (PathFinder)
Getting this error is DevTest IAM server.log when logging in with LDAP credentials to IAM:
2019-03-14 15:17:00,676 ERROR [org.keycloak.services.error.KeycloakErrorHandler] (default task-38) Uncaught server error: org.keycloak.models.ModelException: User returned from LDAP has null uuid! Check configuration of your LDAP settings. UUID Attribute must be unique among your LDAP records and available on all the LDAP user records. If your LDAP server really doesn't support the notion of UUID, you can use any other attribute, which is supposed to be unique among LDAP users in tree. For example 'uid' or 'entryDN' . Mapped UUID LDAP attribute: objectGUID, user DN: cn=USER2,ou=internal,o=key
LDAP server being used does not support the notion of UUID.
Release: Component: ITKOTF
Within IAM, set the value of "UUID LDAP Attribute" to uid on the User Federation Settings page.
In another LDAP system with this error, there was an employee-number that uniquely identified the user. After using that in the "UUID LDAP Attribute" field, the error 'User returned from LDAP has null uuid' was resolved.