1 Reply Latest reply: Mar 28, 2012 11:58 AM by Shannon Sumner

Possible GateIn with LDAP Bug

Shannon Sumner Newbie

Hello All,


I'm having trouble integrating GateIn with LDAP. I've followed the instructions here: https://community.jboss.org/wiki/GateInwithLDAPasadefaultuserandgroupstore.


When I make my ctxDNs point to the following OU:


[Image: Screen Shot 2012-03-28 at 9.37.14 AM.PNG]

Just the Generic User shows up in the Organization Management:


[Image: Screen Shot 2012-03-28 at 9.11.21 AM.PNG]

I found a post which instructs me to add the following options to the picketlink xml







This pulls in all the users - but I get these errors in the log for each local user:


SEVERE: Failed to find IdentityObject in target store:

org.picketlink.idm.common.exception.IdentityException: Found more than one identity object with name: demo; Posible data inconsistency


The LDAP users are also missing their name and email:


[Image: Screen Shot 2012-03-28 at 8.56.52 AM.PNG]


I then removed the entry scope parameter and changed the ctxDNs to one of the sub OUs.  I had the same problem as above.  I don't know if picketlink can handle sub OUs or if it is a memory issue (why would the local users be found twice?  Recursive loop bug?).


If anyone else has run into this and has found a solution - let me know.




Shannon Sumner

  • 1. Re: Possible GateIn with LDAP Bug
    Shannon Sumner Newbie

    Never mind -










    and it worked ...


    Now I just have to figure out how to display groups nested within other groups.