Bootstrap FreeKB - IBM WebSphere - Test LDAP connection
IBM WebSphere - Test LDAP connection

Updated:   |  IBM WebSphere articles

This assumes you have configure WebSphere to authenticate against LDAP (see Getting Started with LDAP).

If you are setting up a standalone LDAP repository, at Security > Global security Configure, select Test connection. There is no LDAP test connection option in a federated repository. If the test connection is not successful, you either provided an invalid ldap hostname or port, or there is some issue between WebSphere and LDAP (eg. LDAP is down, firewall refusing connection, et cetera).

 

In Base distinguished name, enter only your LDAP domain.

 

In Bind distinguished name, enter your main LDAP user, the organization unit (OU) the user is in (usually People), and the domain name. Some LDAP servers will use common name (cn) and some will use user id (uid). For example, these two entries are completely different records in LDAP.

 cn=johndoe,ou=people,dc=example,dc=com
uid=johndoe,ou=people,dc=example,dc=com

 

Use cn or uid based on how your LDAP server is configured.

 

Select OK. Select Save.

If you selected a custom LDAP server type, check to see if your LDAP server is using "ePerson" or "inetOrgPerson".

~]# ldapsearch -x -b dc=example,dc=com
dn: uid=JohnDoe,ou=People,dc=example,dc=com
objectClass: inetOrgPerson

 

If your LDAP server is using inetOrgPerson, select Advanced Lightweight Directory Access Protocol (LDAP) user registry settings. By default, the User filter field will have (&(uid=%v)(objectclass=ePerson)). Update the User filter field to mirror how your LDAP server is configured. For example, OpenLDAP uses "uid" and "inetOrgPerson". 

In this example, the User filter field would be updated to be (&(uid=%v)(objectclass=inetOrgPerson)). If User filter is updated to have cn=%v, you should also updated the User ID map to be *:cn.

 

Making a change to the advanced LDAP user registry settings will create this event in was_home/profiles/your_profile/logs/dmgr/SystemOut.log.

ADMR0016I: User defaultWIMFileBasedRealm/your_username modified document cells/your_cell/security.xml

 




Did you find this article helpful?

If so, consider buying me a coffee over at Buy Me A Coffee



Comments


Add a Comment


Please enter 56a379 in the box below so that we can be sure you are a human.