  1. Keycloak
  2. KEYCLOAK-13822

When users are deleted from LDAP - Multiple server issues when using LDAP user federation without importing users


Details

    • Configure a User Federation: add an LDAP provider config and turn off import users
    • Create some user managed resources
    • Delete a user in the LDAP server (who has some managed resources in Keycloak)
    • (Until this point, everything is still working)
    • Update the LDAP provider config (for example, just change the "priority")
    • Save the changes

    Description

      In version 9.0.2, I'm observing multiple problems in the Keycloak server when using an LDAP configuration without importing users, when a user is deleted from the LDAP server.

      Some REST APIs with deep search return an internal server error, for example:
      /authz/protection/resource_set?deep=true
      /authz/protection/permission/ticket?returnNames=true

      Even the Keycloak admin console contains an error (http://SERVER/auth/admin/master/console/#/realms/REALM/clients/CLIENTID/authz/resource-server/resource)
      and is not able to display resources for users still present in LDAP.


          People

            psilva@redhat.com Pedro Igor Craveiro
            sebastienve Sebastien Veyriere (Inactive)