Solved: Cannot Login with LDAP User and Password

gareththered · June 19, 2024, 4:03pm

I’ve just installed OpenLDAP to store user info. I’ve added it as a User Federation source in Keycloak and it seems to work. It syncs, and if I set the password in Keycloak I can verify that it’s changed in OpenLDAP by using Apache Directory Studio to verify the password. So far, so good.

However, when I try to login at the security admin console of the realm using the sameLDAP user, it point blank refuses to accept the password. The Keycloak logs don’t say much - “invalid_user_credentials” and OpenLDAP logs say nothing at all.

Does anyone have any advice on how to debug this? Or am I missing something obvious?

Thanks, Gareth

gareththered · June 19, 2024, 8:08pm

It was down to the ACLs in the end - anonymous auth ACL was blocked as I’d added an new ACL at the top of the list {0} which gave manage permission to a manager account, but forgot to add * break to the end.

Apache Directory Studio was connecting with this manager account, so that was working.

Topic		Replies	Views
LDAP failed connection blocks login user-federation	0	469	October 5, 2022
Unable to login using LDAP Imported User Getting advice authentication , user-federation , ldap , oidc	1	680	March 27, 2024
Not possible to have user credentials in keycloak while federating to LDAP? Configuring the server authentication , user-federation , ldap	0	879	November 25, 2022
Active Directory federation Configuring the server authentication , ldap	3	201	July 25, 2024
User password not read from LDAP Getting advice authentication , ldap	1	1017	July 16, 2020

Solved: Cannot Login with LDAP User and Password

Related topics