local user login not possible after LDAP connection problem #29147
Description
Before reporting an issue
- I have read and understood the above terms for submitting issues, and I understand that my issue may be closed without action if I do not follow them.
Area
ldap
Describe the bug
Hi team,
we have configured keycloak version 24.0.3 with a ldap user federation. In addition, we have a local user with admin right for the realm as a fallback. When there are problems with the ldap connection, e.g., ldap binding credentials changes on ldap side, it is not possible to log in to the realm. Even with the local admin user.
Version
24.0.3
Regression
- The issue is a regression
Expected behavior
Administrator account stored in the local Keycloak user database can be used in case of problems connecting to your LDAP.
Actual behavior
Administrator account stored in the local Keycloak user database can not log in case of problems connecting to your LDAP.
How to Reproduce?
- setup realm
- create admin account in local keycloak database
- configure a valid LDAP connection
- Interrupt LDAP connection (e.g. changing the binding credentials or changing the ldap url)
- log in with local admin account -> log in error