Failure to retrieve extended binary attributes from LDAP
An error is displayed when the virtual member manager receives unexpected data from LDAP while retrieving the values of extended binary attributes. To resolve the issue, determine whether LDAP must return the attribute value as binary data. If the value must be returned as binary data, then configure the environment property so that the value is stored as a byte array.
Problem
CWWIM4522E The data type of the 'property_name' property is not valid.
For example, a new binary attribute photoNewAttribute is extended in LDAP. To use the new photoNewAttribute binary attribute from the virtual member manager, you must either map the attribute to the default jpegPhoto binary property of the virtual member manager, or extend the binary property in the virtual member manager schema.
The virtual member manager is not explicitly configured to treat LDAP attributes as binary data. The virtual member manager uses the Java Naming and Directory Interface (JNDI) to access the LDAP. By default, JNDI treats only certain attributes as binary data (stored in a byte array, byte[]).
Solution
- Manually backup the following file:<profile_home>/config/cells/<cell name>/wim/config/wimconfig.xml
- In the wimconfig.xml file, configure the <ldapServer>
element to include the <environmentProperties> element as follows:
where photoNewAttribute is the name of your new LDAP attribute.<config:ldapServers ...> .... <config:environmentProperties name="java.naming.ldap.attributes.binary" value="photoNewAttribute"/> </config:ldapServers>
- If the application server is running on a cluster, update the wimconfig.xml file in the deployment manager profile named dmgr, and synchronize the updates to all nodes on the cluster.
- Restart the application server for the changes to become effective in the wimconfig.xml file, irrespective of whether the server is on a stand-alone or cluster environment.