Can't log in to keycloak admin console after setting up email - smtp

I am working with Keycloak, version 19.0.3.
I am using it in docker container, using image
quay.io/keycloak/keycloak:19.0
I am using postgresql database.
I am hosting it on azure.
I had a working setup with a few clients, scopes etc. Everything worked fine. Then I tried to set up email provider to be able to receive email confirmations. I successfully received test email and I clicked save. Then after a while my session refreshed and I no longer can log in to the administrator console. I get the following error log:
2022-11-14T09:46:17.033164754Z: [INFO] 2022-11-14 09:46:17,030 WARN [org.keycloak.events] (executor-thread-191) type=LOGIN_ERROR, realmId=[realm_id], clientId=security-admin-console, userId=null, ipAddress=[ipAddress], error=user_not_found, auth_method=openid-connect, auth_type=code, redirect_uri=[redirect_uri], code_id=[code_id], username=[username], authSessionParentId=[authSessionParentId], authSessionTabId=[authSessionTabId]
During startup the following message shows up:
Failed to add user '[admin_user]' to realm 'master': user with username exists
However this user is nowhere in the database.
The administrator log in credentials are set up using environmental variables and the whole setup is still in dev mode.
This is not the first time it happened. It happened once before however I did not connect it to the fact that setting up email account might have caused it. I thought it was because I accidentally upgraded keycloak to version 20, so I started from the beginning.
This time I set up email and came back after 20 minutes. My username and password are invalid. I have them saved in autocomplete, so its not because I wrote my credentials wrong. Nothing else changed.
I thought that maybe its because I have my realm set up to use email as username, so I tested with email address I just added, stil nothing.
I struggled with it for a long time. I am at my wits end. Any tips are welcome.

I have the same issue. Not sure whether it was caused by SMTP setup.
I have checked the databases from the back-up and the new one (after day of work that also included SMTP setup).
The admin user_entity in the database was updated to my email address somehow with keeping the user id. So with my email address and original admin password I am able to sign into the master console.
I hope it'll help.
PS. I recall now that during first 'Test connection' for SMTP execution Keycloak asked me to type an email address for testing (where the test email is going to be sent). Now I think it is at that moment the admin username was changed to my personal email.

Related

Heroku. MariaDB. Access denied for user

I'm creating new app on Heroku. Installed add-on "JawsDB Maria" successfully - I can open it's dashboard
In PHP on connection to DB I receive error:
SQLSTATE[HY000] [1044] Access denied for user 'vcgu1h273742rn5l'#'%' to database 'jeyx2j66ipgtqe11'
I'm sure that problem is not in PHP, because the same error I receive even on MariaDB dashboard trying to Create New Databite - https://prnt.sc/rj4dr4 .
Looks like solution is to GRANT ALL PRIVILEGES to user. But using dashboard I can't execute even SHOW GRANTS.
Questions:
Can somebody help how to solve this problem?
Or, at least, which way I can GRANT ALL PRIVILEGES?
I've tried:
read Heroku docs: JawsDB MySQL, PHP + DB
searching for similar problems in Heroku support, Google, SO:
the best match I found is here. But heroku pg:psql - it's tool only for PostgreSQL.
tried to find useful command for my case in Heroku CLI Commands
Additional info - I'm sure it is not important, but just in case it is:
project is based on Yii2
for easy deployment on Heroku installed "purrweb/yii2-heroku"
You probably know how to read your error message. At any rate, my superpower is explaining the obvious. So, ... here goes.
SQLSTATE[HY000] [1044] Access denied for user 'vcgu1h273742rn5l'#'%' to database 'jeyx2j66ipgtqe11'
Tells you your php program couldn't get to the MySQL server. That operation goes in these steps.
Make a TCP/IP network connection to the server. SUCCESS.
Present a user name and password to the server. SUCCESS.
But the server rejected those credentials. FAILURE
Access the database schema mentioned in the connect request. Not attempted yet. So we have no information about whether the named database actually exists.
The success of step 1 means there are no firewall or network-routing issues. That's good.
The success of step 2 gives us even more confidence about firewall issues.
The failure of step 3 tells us that we're not using a username and password that the MySQL server knows about.
Step 4 is incomplete. So, even if we fix the username and password issues, we still might get another issue before this mess is behind us.
Heroku assigns those usernames to their customers. So, check on the appropriate Heroku control panel to see whether you're using the right username / password credentials. Your error message says you've got wrong credentials.
Next step? Ask your vendor for help. Is Bruce Schneier is reading this? Maybe he can fix this for you from his earbuds while he's riding on the subway. But none of the rest of us here on SO can fix it.
I've waited for 8 hours, hoping there is some trigger, that will complete all necessary settings. But it didn't helped.
Then I reinstalled this add-on. And now all works fine!
So, that was some kind of "JawsDB Maria" bug.

Issue in my Drupal site

I am unable to login admin panel of my site which is developed in Drupal. I had tried the below link, but it's showing as "You are not authorized to login this page"
http://fujisushiflorida.com/?q=admin
After some surfing in net I had tried the below link. It had shown the login page, but the password I had entered is not correct think. So I had planned to change the password in DB. I had gone to phpmyadmin in that selected "user" table and the first reflecting data is the admin data so I had changed the password of that directly in DB also changed the function to MD5 since pwd has been encrypted. Post changing the password I tried to login but getting the error as "unrecognized username and password"
http://fujisushiflorida.com/user
Can you please help me out on this issue.
Not sure how exactly user info is stored, but generally speaking you can install new Drupal site, grab table rows of your admin account there and move them to problematic site, where you lost your account.
In the database check that you have a user with id of 1 and check that their username and email are what you are expecting.
To reset the password:
If your site is sending emails you should just be able to request a new password.
If you can create an anonymous user without admin verification create one with a password. then in the database copy the password from the new user to the number 1 user.
Otherwise create a user on a clean install or dev site and copy over the password from the database.
Try the forgot password on the login screen if your admin has your email address.
If you can SSH into the server your site is hosted on, install drush if you do not have it and use the drush user-login

Using localdb with a computer on a domain but without a connection gives: SQL Server connection error

We expect our software to be able to run on computers connected to a domain. We also expect to be able to connect to a localdb we created under the user account. But when we take the laptop to another network where it can't contact the domain controller we get the following error:
Could not obtain information about Windows NT group/user
'OURDOMAIN\AUser', error code 0x54b.
Is there something I can do to make it work? It seems reasonable to me to expect a domain user's privileges to be remembered when a server is out of sight. Interestingly, if it's not connected to any network it does work ok - it only fails when it is connected to another network.
(I don't want something drastic like "log off and use a local account not on the domain", but something normal and workable for a domain user and installation!)
This error was coming from the simple fact the database owner was the domain user. It would seem that the SQL underlying code likes to check authenticity now and again and so that caused occasional failures in random bits of SQL.
Fixed it by changing the owner to an SQL user:
CREATE LOGIN [ourLocalDbOwner] WITH PASSWORD='';
ALTER AUTHORIZATION ON DATABASE::ourDatabase TO [ourLocalDbOwner];

Cannot connect to SQL Server 2008 Error 18456 Login failed for user

I'm trying to connect to our SQL Server box from our web server. The only thing i've been able to find regarding the issue is to enable tcp/ip and mixed authentication.
TCP/IP is already enabled
Mixed authentication mode is selected
we already have 1 user successfully connecting to a different database so I know TCP/IP and mixed authentication are working.
Logging in as the problem user from sql manager works fine.
I get the same error creating an ODBC connection as well as a ColdFusion SQL Server data source.
According to the log files, which isn't logging all the attempts also indicates State 40, which is "Default database could not be accessed (SQL 2008)."
I've check and the default database is the one I want to open. The Schema is DBO.
Any help would be appreciated.
Make sure your user password not longer than 16 characters.
I apologize for not answering this sooner. To be honest I completely forgot about the question until I got a 'Notable Question' badge from it. Unfortunately, I'm afraid it won't help anyone as the problem was caused due to bad information from the network admins. They moved our SQL server to another box but did not shut down the old instance. Essentially, they gave me the old IP to connect to. Once I got the correct IP to the new box everything worked perfectly. The user I thought was connecting was an older account that was already established prior to the 'move' so the account existed on the old box.
If your box has multiple IP's on it, make sure the Cold Fusion server's IP address (that it's binded to) is allowed access to the SQL box. I've come across this problem in the past. I don't know if you're using a firewall or not to restrict access...but this was a problem I've encountered in the past.

Database User Password from SSIS/SQL Agent

I have an SSIS package that I'm trying to run from a SQL job. However, it fails, and the log claims that the password for the user specified in the connection string is wrong. For testing I've got the protection level set to EncryptSensitiveWithKey, and it runs fine from BIDS. When I import it into SSIS I change it to ServerStorage. (My understanding of the documentation says that this should work. I could be wrong though.) During the import it asks for the decryption key, which I supply, and everything seems fine.
It also seems fine when I set up the job in SQL Server Agent. However, when I run the job, it fails and the log says that the password for that user is incorrect. It doesn't say that there is a permission problem, but that the password is wrong.
I've been through the connections and double checked the username and password that is used to access the database. I can connect just fine with that username and password combination. This is the user that is used to connect to the database. There don't appear to be any problems executing the job.
Any help with this would be appreciated.
From what it looks like, it seems like you still need to modify the password after you have installed it to the SQL Agent. The decryption key decrypts the sensitive information but it is still tied to the person that created it. Have you tried re-entering the password when you install it to the server?
http://decipherinfosys.wordpress.com/2008/09/17/scheduling-ssis-packages-with-sql-server-agent/