
Unable to create/search User in Identity and Access Manager


Article ID: 212459


Updated On:

Products

CA Application Test

Issue/Introduction

In an Identity and Access Manager that is integrated with LDAP, it is not possible to search for users or to create a local user under "Manage" -> "Users". The server.log file contains an error message like the following:

2021-04-02 14:37:48,342 ERROR [org.keycloak.storage.ldap.idm.store.ldap.LDAPOperationManager] (default task-124) Could not query server using DN [ou=Level 2,ou=User Accounts,DC=xxaa,DC=yyysss01,DC=com] and filter [(&(cn=username)(objectclass=person)(objectclass=organizationalPerson)(objectclass=user))]: javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C090453, comment: AcceptSecurityContext error, data 568, v3839 ]

Cause

One of the providers defined under "User Federation" in the Identity and Access Manager had a problem, which showed up when the "Test authentication" button on its "Settings" tab was clicked.

In detail, error messages like the following were returned:

Environment

Release : 10.6

Component : CA Service Virtualization

Resolution

In this case, several providers were defined under User Federation in the Identity and Access Manager.
Only one of those providers had the problem.
Disabling the provider that had the problem resolved the issue.
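
When several providers are defined, the failing one can be narrowed down from server.log by grouping the LDAPOperationManager errors by search base DN and Active Directory sub-code. The Python script below is an added example, not part of the original article or the product; it assumes each provider uses a distinct users DN, and its function names and all sample lines other than the article's own log line are constructed.

```python
import re
from collections import Counter

# Sub-codes Active Directory puts in the "data" field of an LDAP error 49
# (invalidCredentials) bind failure; hex forms of Win32 error codes.
AD_BIND_SUBCODES = {
    "525": "user not found",
    "52e": "invalid credentials",
    "532": "password expired",
    "533": "account disabled",
    "568": "too many security IDs in the logon context",
    "775": "account locked out",
}

# Matches the LDAPOperationManager error format shown in this article.
LINE_RE = re.compile(
    r"LDAPOperationManager\].*?using DN \[(?P<dn>[^\]]+)\]"
    r".*?LDAP: error code (?P<code>\d+)"
    r".*?data (?P<data>[0-9a-fA-F]+)"
)

def parse_bind_failure(line):
    """Return (base_dn, ldap_code, data, meaning), or None if no match."""
    m = LINE_RE.search(line)
    if not m:
        return None
    data = m.group("data").lower()
    meaning = AD_BIND_SUBCODES.get(data, "unknown sub-code")
    return m.group("dn"), int(m.group("code")), data, meaning

def failures_by_dn(lines):
    """Count failures per (search base DN, sub-code) pair."""
    counts = Counter()
    for line in lines:
        hit = parse_bind_failure(line)
        if hit:
            counts[(hit[0], hit[2])] += 1
    return counts

# First entry is the log line from this article; the rest are constructed.
SAMPLE_LOG = [
    "2021-04-02 14:37:48,342 ERROR [org.keycloak.storage.ldap.idm.store.ldap.LDAPOperationManager] (default task-124) Could not query server using DN [ou=Level 2,ou=User Accounts,DC=xxaa,DC=yyysss01,DC=com] and filter [(&(cn=username)(objectclass=person)(objectclass=organizationalPerson)(objectclass=user))]: javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C090453, comment: AcceptSecurityContext error, data 568, v3839 ]",
    "2021-04-02 14:37:50,001 INFO  [org.example.Constructed] (default task-7) unrelated line",
]
SAMPLE_LOG.append(SAMPLE_LOG[0].replace("14:37:48,342", "14:38:02,117"))

if __name__ == "__main__":
    for (dn, data), n in failures_by_dn(SAMPLE_LOG).items():
        print(f"{n} failure(s) under [{dn}]: data {data} = {AD_BIND_SUBCODES.get(data, 'unknown')}")
```

The DN that accumulates failures can then be compared with the users DN configured on each provider's "Settings" tab.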
