
Unable to log in with our LDAP IDs even after syncing the user groups in DevTest IAM


Article ID: 201052




CA Cloud Test Mobile CA Application Test


We have synced the LDAP groups in Identity Access Manager, and the sync was successful. When trying to log in using our LDAP credentials, it gives the error "Server error, can not authenticate user. Please make sure the Registry service is running."

We noticed the error below in the server.log file.

2020-10-08 01:12:07,385 ERROR [] (default task-10) Uncaught server error: org.keycloak.models.ModelException: User returned from LDAP has null username! Check configuration of your LDAP mappings. Mapped username LDAP attribute: sAMAccountName, user DN: CN=xxxxxxx,OU=TEST12,OU=Users,OU=Chicago,OU=Enterprise Support,DC=ent,DC=ad,DC=ca,DC=com, attributes from LDAP: {whenChanged=[20201001062443.0Z], whenCreated=[20200116151125.0Z], mail=[te[email protected]], givenName=[xxxxx], sn=[xxxxxx], cn=[xxxxx xxxxx], userAccountControl=[123], pwdLastSet=[132421139064417927]}



Release : 10.6

Component : CA Service Virtualization


The username mapping has the default value "cn", while the search is performed with a username that is a sAMAccountName attribute value. Because of this mismatch, the LDAP search fails.

To resolve this, change the username mapping value to sAMAccountName in the LDAP mapping section.
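
The check below is an added example, not part of the original article or the product. It parses the "null username" error quoted above and reports whether the mapped username attribute appears among the attributes LDAP returned for that user; the function names and the sample log lines are constructed for illustration.

```python
import re

# Matches the Keycloak ModelException text quoted in this article.
PATTERN = re.compile(
    r"User returned from LDAP has null username!.*?"
    r"Mapped username LDAP attribute: (?P<mapped>[^,]+), "
    r"user DN: (?P<dn>.+?), "
    r"attributes from LDAP: \{(?P<attrs>.*)\}"
)
# Attribute names inside the {name=[value], ...} dump.
ATTR_NAME = re.compile(r"([A-Za-z][\w;-]*)=\[")


def parse_null_username_error(line):
    """Return details of a 'null username' error, or None for unrelated lines."""
    m = PATTERN.search(line)
    if not m:
        return None
    mapped = m.group("mapped").strip()
    returned = ATTR_NAME.findall(m.group("attrs"))
    # LDAP attribute names are case-insensitive, so compare in lower case.
    present = mapped.lower() in {name.lower() for name in returned}
    return {
        "mapped_attribute": mapped,
        "user_dn": m.group("dn"),
        "returned_attributes": returned,
        "mapped_attribute_returned": present,
    }


def scan(lines):
    """Collect every null-username finding from an iterable of log lines."""
    return [f for f in map(parse_null_username_error, lines) if f]


# Constructed sample lines modelled on the error above (placeholder values).
SAMPLE_LOG = [
    "2020-10-08 01:12:07,385 ERROR [] (default task-10) Uncaught server error: "
    "org.keycloak.models.ModelException: User returned from LDAP has null username! "
    "Check configuration of your LDAP mappings. Mapped username LDAP attribute: "
    "sAMAccountName, user DN: CN=jdoe,OU=Users,DC=example,DC=com, attributes from LDAP: "
    "{mail=[jdoe@example.com], givenName=[John], sn=[Doe], cn=[John Doe], "
    "userAccountControl=[512]}",
    "2020-10-08 01:12:09,101 INFO [] (default task-11) unrelated line",
]

if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

A finding with mapped_attribute_returned set to False means the username mapping and the attributes actually retrieved for the user do not line up, which is the condition the resolution above addresses.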