If one or more configured repository is down, you are unable to authenticate or stop WebSphere Application Server.
The following exception or a similar exception may occur, which indicates that a connection to the back-end repository cannot be established:
CWWIM4520E The 'javax.naming.CommunicationException:
Extdomain1.altext.ibm.com:389 [Root exception is java.net.ConnectException: Connection refused: connect]'
naming exception occurred during processing.
at com.ibm.ws.wim.adapter.ldap.LdapConnection.reCreateDirContext(LdapConnection.java:613)
at com.ibm.ws.wim.adapter.ldap.LdapConnection.search(LdapConnection.java:2419)
Ensure that your back-end repository is running, and you are able to connect to it. In case more than one repository is configured, all of the configured repositories should be up and running.
If the problem persists, it is due to a security feature of virtual member manager. If one or more configured repository is down, you cannot log in (even as admin) or stop WebSphere Application Server, regardless of the repository in which your particular ID is stored. Virtual member manager always checks all repositories before authenticating.
To disable this security feature, use the createIdMgrRealm or updateIdMgrRealm wsadmin command to set the –allowOperationIfReposDown parameter to true. The default value of the allowOperationIfReposDown parameter is false. After you disable this security feature, even if one of the configured repositories is down, virtual member manager works with the other active repositories. You can login successfully, as long as the login user ID and password are in a repository that is active.
If you set the value of allowOperationIfReposDown parameter to true, the following behavior can be expected:
For more information about the allowOperationIfReposDown parameter and the createIdMgrRealm or updateIdMgrRealm wsadmin commands, see IdMgrRealmConfig command group for the AdminTask objectin the WebSphere Application Server information center. (If you are using WebSphere Application Server version 6.1, to disable this security feature, first apply the PK78677 patch or install WebSphere Application Server fixpack 6.1.0.23 or above, and then change the configuration accordingly.)