Red Hat build of Keycloak / RHBK-1450

[GHI#29147] local user login not possible after LDAP connection problem

      Before reporting an issue

      [X] I have read and understood the above terms for submitting issues, and I understand that my issue may be closed without action if I do not follow them.

      Area

      ldap

      Describe the bug

      Hi team,

      We have configured Keycloak version 24.0.3 with an LDAP user federation. In addition, we have a local user with admin rights for the realm as a fallback. When there are problems with the LDAP connection, e.g., the LDAP binding credentials change on the LDAP side, it is not possible to log in to the realm, even with the local admin user.

      Version

      24.0.3

      Regression

      [X] The issue is a regression

      Expected behavior

      Administrator account stored in the local Keycloak user database can be used in case of problems connecting to your LDAP.

      Actual behavior

      Administrator account stored in the local Keycloak user database cannot log in in case of problems connecting to your LDAP.

      How to Reproduce?

      1. Set up realm
      2. Create admin account in local Keycloak database
      3. Configure a valid LDAP connection
      4. Interrupt LDAP connection (e.g. changing the binding credentials or changing the LDAP URL)
      5. Log in with local admin account -> login error

      Anything else?

      [Image attachment: keycloak-admin-login-ldap-broken]

            Unassigned Unassigned
            pvlha Pavel Vlha
            Keycloak Core IAM