|
| Problem | If you have configured an LDAP server to include users from another LDAP server, you can query LDAP from the command line using the ldapsearch utility, and the remote users are returned without any additional flags or options to the ldapsearch command, this is referred to as "chasing referrals."
However, when you search for users or groups in the WebSphere administrative console, only users in the immediate LDAP server are returned.
Does WebSphere security chase referrals when querying its LDAP server for valid users? | | Cause | WebSphere does not support LDAP referrels. | | Solution | Currently WebSphere does not include referrals when it queries LDAP servers for users or groups, and there is no setting available to administrators to enable this. This means, for example, that if an administrator enables security for "all authorized users", authorization will still fail for a user on a remote LDAP server, even though ldapsearch shows that it is a valid id.Inclusion of referrals has been requested as future enhancement (feature request #92192). Customers who need this capability should contact their IBM marketing representative and state their business need. | |
| |
| |
|
Product categories: Software, Application Servers, Distributed Application & Web Servers, WebSphere Application Server, Security Operating system(s): AIX, HPUX, Linux, Multi-Platform, Solaris, Windows Software version: 3.5, 4.0, 5.0, 5.1 Software edition: Advanced, Base, Network Deployment, Single Server Reference #: 1066777 IBM Group: Software Group Modified date: 2005-01-05
(C) Copyright IBM Corporation 2000, 2004. All Rights Reserved.
|