Error starting IAM: "an error in KeycloakApplication, mutiple LDAP objects but expecting one.."

Article ID: 143345

Products

CA Cloud Test Mobile, CA Application Test

Issue/Introduction

Starting IAM shows the error "an error in KeycloakApplication, mutiple LDAP objects but expecting one..".

Environment

Release : 10.5

Component : CA Application Test

Cause

This issue is caused when the LDAP settings fetch more than one entry for the same user. It is mostly because the UsersDN is set at the top of the LDAP tree, so the same user may be present in two or more groups in the tree, identified by the same attribute.

Resolution

The same user was present in two different groups under the same LDAP domain.

This requires changing the VALUE column for the UsersDn field in the COMPONENT_CONFIG table of the IAM DB so that it is more granular, down to the OU level.

Using an LDAP browsing tool, make sure that the right filter is selected to return each user uniquely.

Steps followed at DB side:
===================================

select * from COMPONENT_CONFIG

Note the ID column value of the row whose NAME column is usersDn.

update COMPONENT_CONFIG set value='<new UsersDn, down to the OU level>' where id='<ID noted above>'

======================================
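
Before updating the table, a candidate UsersDn can be checked for uniqueness against an LDIF export taken with the LDAP browsing tool. The script below is an added example, not part of the original article or the product: the directory entries, the `uid` attribute, the `example.com` DNs and all function names are assumptions made for illustration.

```python
from collections import defaultdict

# Constructed LDIF export (sample data, not from the article).
SAMPLE_LDIF = """\
dn: uid=jdoe,ou=Testers,dc=example,dc=com
uid: jdoe

dn: uid=jdoe,ou=Contractors,dc=example,dc=com
uid: jdoe

dn: uid=asmith,ou=Testers,dc=example,dc=com
uid: asmith
"""

def parse_ldif(text):
    """Parse simple LDIF (no folded lines, no base64 'dn::' values)."""
    entries = []
    for block in text.strip().split("\n\n"):
        dn, attrs = None, defaultdict(list)
        for line in block.splitlines():
            key, sep, value = line.partition(": ")
            if not sep or key.startswith("#"):
                continue
            if key.lower() == "dn":
                dn = value.strip()
            else:
                attrs[key.lower()].append(value.strip())
        if dn:
            entries.append((dn, attrs))
    return entries

def under(dn, base):
    """Subtree check; case-insensitive, ignores escaped commas (simplification)."""
    norm = lambda d: ",".join(p.strip().lower() for p in d.split(","))
    return norm(dn) == norm(base) or norm(dn).endswith("," + norm(base))

def ambiguous_users(entries, users_dn, attr="uid"):
    """Map each username that resolves to more than one entry under users_dn."""
    hits = defaultdict(list)
    for dn, attrs in entries:
        if under(dn, users_dn):
            for value in attrs.get(attr.lower(), []):
                hits[value.lower()].append(dn)
    return {user: dns for user, dns in hits.items() if len(dns) > 1}

if __name__ == "__main__":
    for base in ("dc=example,dc=com", "ou=Testers,dc=example,dc=com"):
        print(base, "->", ambiguous_users(parse_ldif(SAMPLE_LDIF), base))
```

An empty result for the OU-level DN means every username under it maps to exactly one entry, which is the condition the resolution above aims for.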