Details

    • Steps to Reproduce:
      Hide

      1. Have a realm with 1000 groups, user federation with LDAP
      1. Use the group mapper to sync groups from Keycloak to LDAP. The first sync will succeed
      1. Try to sync again, it will fail

      Show
      1. Have a realm with 1000 groups, user federation with LDAP 1. Use the group mapper to sync groups from Keycloak to LDAP. The first sync will succeed 1. Try to sync again, it will fail
    • Docs QE Status:
      NEW
    • QE Status:
      NEW

      Description

      Hi,

      we've recently tried to cross the border of having 1000 groups in Keycloak. However, the group mapper is now failing whenever we try to sync them from Keycloak to the LDAP (keycloakToFed).

      Error:

      [org.keycloak.services.error.KeycloakErrorHandler] (default task-6) Uncaught server error: org.keycloak.models.ModelException: Error creating subcontext [cn=test-syncback-1000,OU=groups,OU=mydiv,OU=MYCOMP,DC=ad,DC=dev,DC=platform,DC=mycompany,DC=io]
      ...
      [LDAP: error code 68 - 00002071: UpdErr: DSID-0305038D, problem 6005 (ENTRY_EXISTS),
      

      I'm attaching a text file with the full traceback.
      We found a relevant issue which has been closed: https://issues.jboss.org/browse/KEYCLOAK-2640

        Gliffy Diagrams

          Attachments

            Issue Links

              Activity

                People

                • Assignee:
                  Unassigned
                  Reporter:
                  jchristop Jan Christophersen
                • Votes:
                  1 Vote for this issue
                  Watchers:
                  3 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved: