
Unable to create/search User in Identity and Access Manager


Article ID: 212459


Products

CA Application Test Service Virtualization

Issue/Introduction

Users cannot be searched and local users cannot be created under "Manage" -> "Users" in the Identity and Access Manager, which is integrated with LDAP. The server.log file contains an error message like the following:

2021-04-02 14:37:48,342 ERROR [org.keycloak.storage.ldap.idm.store.ldap.LDAPOperationManager] (default task-124) Could not query server using DN [ou=Level 2,ou=User Accounts,DC=xxaa,DC=yyysss01,DC=com] and filter [(&(cn=username)(objectclass=person)(objectclass=organizationalPerson)(objectclass=user))]: javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C090453, comment: AcceptSecurityContext error, data 568, v3839 ]

Cause

One of the providers defined under "User Federation" in the Identity and Access Manager had a problem, which appeared when the "Test authentication" button on its "Settings" tab was clicked.

In detail, error messages like the ones below were returned:

Environment

All supported DevTest releases.

Resolution

In this case, several providers are defined under User Federation in the Identity and Access Manager, and only one of them had the problem.

Disabling the provider that had the problem resolved the issue.
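
The following Python script is an added example, not part of the original article or the product. It scans server.log lines in the format shown above, groups failed LDAP queries by base DN to help tell which of several User Federation providers is failing, and decodes the Active Directory sub-code in the "data" field. It assumes each provider is configured with a different users DN; the sample lines other than the first are constructed.

```python
import re
from collections import Counter

# Active Directory sub-codes carried in the "data" field of LDAP error 49
# (hexadecimal Win32 error numbers).
AD_SUBCODES = {
    "525": "user not found",
    "52e": "invalid credentials",
    "530": "logon not permitted at this time",
    "531": "logon not permitted from this workstation",
    "532": "password expired",
    "533": "account disabled",
    "568": "too many security IDs in the logon context",
    "701": "account expired",
    "773": "user must reset password",
    "775": "account locked out",
}

# Matches the LDAPOperationManager error format shown in this article.
LINE_RE = re.compile(
    r"LDAPOperationManager\].*?using DN \[(?P<dn>[^\]]+)\]"
    r".*?LDAP: error code (?P<code>\d+)"
    r".*?data (?P<data>[0-9a-fA-F]+),"
)

def failures_by_base_dn(lines):
    """Group failed LDAP queries by base DN; count each (code, reason) pair."""
    grouped = {}
    for line in lines:
        m = LINE_RE.search(line)
        if m is None:
            continue  # not an LDAP query failure
        data = m.group("data").lower()
        reason = AD_SUBCODES.get(data, "unknown sub-code " + data)
        key = (int(m.group("code")), reason)
        grouped.setdefault(m.group("dn"), Counter())[key] += 1
    return grouped

# Constructed sample: line 1 is the one quoted in the article, the rest are made up.
_P = "ERROR [org.keycloak.storage.ldap.idm.store.ldap.LDAPOperationManager] (default task-124) Could not query server using DN "
_S = ": javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C090453, comment: AcceptSecurityContext error, data %s, v3839 ]"
SAMPLE = [
    "2021-04-02 14:37:48,342 " + _P + "[ou=Level 2,ou=User Accounts,DC=xxaa,DC=yyysss01,DC=com] and filter [(&(cn=username)(objectclass=person)(objectclass=organizationalPerson)(objectclass=user))]" + _S % "568",
    "2021-04-02 14:37:55,010 " + _P + "[ou=Level 2,ou=User Accounts,DC=xxaa,DC=yyysss01,DC=com] and filter [(cn=other)]" + _S % "568",
    "2021-04-02 14:38:02,101 " + _P + "[ou=Svc,DC=example,DC=com] and filter [(cn=someone)]" + _S % "52e",
    "2021-04-02 14:38:05,000 INFO [org.keycloak.services] (default task-126) unrelated line",
]
```

Pass the lines of the real server.log to failures_by_base_dn() in place of SAMPLE; the base DN with the most failures points at the provider to check with "Test authentication".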
