Keycloak update password AD


I’m trying to configure Keycloak with an AD Windows Server 2016 as an LDAP provider.
The connection is OK, I can synchronise all users with the UPN username, but I can’t update
the passwords for each user. It is not a question of the type of password, but the AD doesn’t seem
to want to update or change the attribute.

2021-06-18 08:03:02,949 DEBUG [] (default task-77) Failed to update password in Active Directory. Exception message: [LDAP: error code 53 - 0000001F: SvcErr: DSID-031A1254, problem 5003 (WILL_NOT_PERFORM), data 0 ]

I found a post which explains that it’s a problem with the LDAP protocol and that we must implement LDAPS. I don’t know if that’s the problem.


Hi @thiebaut

I had the same problem.

Maybe this helps:

So I finally managed the LDAPS connection problems. The official documentation is too much for my simple use case. And I messed up the rights for the LDAPS user… :grimacing: