|
Problem(Abstract) |
You have configured an LDAP server to include users from
another LDAP server. You can query LDAP from the command line using an
ldapsearch utility, and the remote users are returned without any
additional flags or options to the ldapsearch command. This is known as
"chasing referrals". Referrals are entities used to redirect a client
request to another LDAP server.
However, when you search for users or groups in the IBM® WebSphere®
Application Server administrative console, only users in the immediate
LDAP server are returned. |
|
|
|
Cause |
WebSphere Application Server does not support LDAP
referrals before V6.1 |
|
|
Resolving the
problem |
WebSphere Application Server versions below V6.1 do not
include referrals when querying LDAP servers for users or groups, and
there is no setting available to administrators to enable this. This
means, for example, that if an administrator enables security for "all
authorized users", authorization will still fail for a user on a remote
LDAP server, even though searching with an ldapsearch utility shows that
it is a valid user ID.
A setting to enable referrals has been added to the LDAP configuration
settings in V6.1. See the WebSphere
Information Center. |
|
|
|
|
Cross Reference information |
Segment |
Product |
Component |
Platform |
Version |
Edition |
Application Servers |
Runtimes for Java Technology |
Java SDK |
|
|
|
|
|
|