Testing External Identity Repository Access

You should verify that you have configured the repository and administrator privileges correctly. You can test configuration as follows:

  • Attempt to create an AM user by navigating to Realms > Realm Name > Identities in the AM console. Run this test only if you have given the AM bind account write privileges to your identity repository.

    For example, create a demo user. When creating a demo user's account, set the fields as follows:

    Demo User Account Settings
    FieldValue
    ID demo
    First NameLeave this field blank.
    Last Name demo
    Full Name demo
    Password Ch4ng31t
    User StatusActive

  • Attempt to access an AM user from Realms > Realm Name > Identities in the AM console.

If you receive an LDAP error code 65 while attempting to create a user, it indicates that you did not correctly prepare the identity repository. Error code 65 is an LDAP object class violation and often indicates a problem with the directory schema or permissions.

A common reason for this error while attempting to create a user is that the bind account might not have adequate rights to add data to the directory. Review the DS access log and locate the entries for the add operation to determine if it is an access rights issue.

For information on setting up Directory Services as an identity store, see "Installing and Configuring Directory Services for Identity Data".

Read a different version of :