WebSphere Application Server LDAP Query Fails when Base DN has problems
 Technote (troubleshooting)
 
Problem(Abstract)
The following query to the LDAP is failing:

"(|(&(objectclass=groupofNames)(member=<user
DN>))(&(objectclass=groupofUniqueNames)(uniqueMember=<user DN>)))"

From looking at our advanced LDAP settings, this seems to be from "Group Member ID Map".
 
Symptom
You see that the query failed when reviewing the LDAP logs.
 
Cause
This query is done for authorization of group to roles mappings. The query will be done when any credential is created and not found in cache. During a user login that is authenticating against this LDAP, the above search will be seen. If the query fails, you will not be able to use any group to role mappings.
This query fails because of some unrelated Base DN issues.
 
Resolving the problem
There are no settings to turn off this query. If you know it will fail, the error could be safely ignored.

Resolve any Base DN issues that cause this error to occur. If this query is successful, it would allow you to utilize group to role mappings and eliminate the error.

 
 
Cross Reference information
Segment Product Component Platform Version Edition
Application Servers Runtimes for Java Technology Java SDK
 
 


Document Information


Product categories: Software > Application Servers > Distributed Application & Web Servers > WebSphere Application Server > Security
Operating system(s): Windows
Software version: 6.1
Software edition:
Reference #: 1230246
IBM Group: Software Group
Modified date: Feb 14, 2006