Details

    • Steps to Reproduce:
      Hide

      User logs in or clicks on forgot password.
      User puts the correct old password
      User puts a valid password according to Active Directory policy

      Show
      User logs in or clicks on forgot password. User puts the correct old password User puts a valid password according to Active Directory policy
    • Docs QE Status:
      NEW
    • QE Status:
      NEW

      Description

      I have configured Keycloak to sync with Active Directory.
      Users are able to login normally.
      Synchronization also works fine.
      But when users tries to change their password, they got an error :
      Could not modify attribute for DN [CN=bruce,OU=Users,OU=UDI,DC=zup,DC=corp]
      No more information appears in the log. Here is the log:

      21:30:38,957 WARN [org.keycloak.events] (default task-55) type=UPDATE_PASSWORD_ERROR, realmId=Santander, clientId=account, userId=428a1c30-73d7-44ff-824a-29d64bf39601, ipAddress=172.20.0.4, error=pa │
      │ ssword_rejected, reason='Could not modify attribute for DN [CN=bruce,OU=Users,OU=UDI,DC=zup,DC=corp]'

        Gliffy Diagrams

          Attachments

            Activity

              People

              • Assignee:
                mposolda Marek Posolda
                Reporter:
                mariofigueiredozup Mario Figueiredo
              • Votes:
                0 Vote for this issue
                Watchers:
                4 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: