Hello,
I have a newly installed Keycloak and have had a FreeIPA in the network for some time.
Now I have set up a user federation via LDAP. When I do a sync of all users, everything runs without errors,
but the users are not displayed. They can be found in the database, and the log does not give an error message.
2023-10-18 08:02:29,727 INFO [org.keycloak.storage.ldap.LDAPStorageProviderFactory] (executor-thread-209) Sync all users from LDAP to local store: realm: xxxxxxxxxxxxx, federation provider: FreeIPA
2023-10-18 08:02:29,862 INFO [org.keycloak.storage.ldap.LDAPStorageProviderFactory] (executor-thread-209) Sync all users finished: 2 imported users, 0 updated users
2023-10-18 07:21:36,863 INFO [org.keycloak.storage.ldap.LDAPIdentityStoreRegistry] (executor-thread-195) Creating new LDAP Store for the LDAP storage
provider: 'FreeIPA',
LDAP Configuration: {fullSyncPeriod=[86400],
pagination=[false],
startTls=[false],
usersDn=[cn=users,cn=accounts,dc=domain,dc=local],
connectionPooling=[true],
cachePolicy=[DEFAULT],
useKerberosForPasswordAuthentication=[false],
importEnabled=[true],
enabled=[true],
usernameLDAPAttribute=[uid],
bindDn=[uid=testing,cn=users,cn=accounts,dc=domain,dc=local],
changedSyncPeriod=[86400],
lastSync=[1697606491],
vendor=[rhds],
uuidLDAPAttribute=[ipaUniqueID],
connectionUrl=[ldaps://ipa.domain.local:636],
allowKerberosAuthentication=[false],
syncRegistrations=[true],
authType=[simple],
krbPrincipalAttribute=[krbPrincipalName],
customUserSearchFilter=[(|(memberof=cn=keycloak_testing,cn=groups,cn=accounts,dc=domain,dc=local))],
debug=[false],
searchScope=[2],
useTruststoreSpi=[never],
usePasswordModifyExtendedOp=[false],
trustEmail=[true],
userObjectClasses=[inetOrgPerson, organizationalPerson],
rdnLDAPAttribute=[uid],
editMode=[WRITABLE],
validatePasswordPolicy=[false],
batchSizeForSync=[1000]},
binaryAttributes: []
I think it is a config error. Does anyone have a tip for me?
Thanks and greetings
vapaa