WebSphere Application Server LDAP: The administrative user ID does not exist in the user repository.
When you try to enable global security with ldap authentication you get the following error when configuring your ldap repository (IBM Directory Server):
The administrative user ID does not exist in the user repository.
Reason: The bind user must be searchable. This means that an ldapsearch with this user as bind user must return his own entry. If this does not work, you have to add an aclEntry:
vi change-was7101-aclentry.ldif
dn: uid=was7101,cn=mygroup,cn=admusr,o=mycomp
aclentry: access-id:UID=WAS7101,CN=MYGROUP,CN=ADMUSR,O=MYCOMP:normal:rsc
$ ldapmodify -h myhost -x -D "cn=root" -w ******* -f change-was7101-aclentry.ldif
modifying entry "uid=was7101,cn=mygroup,cn=admusr,o=mycomp"
Now user was7101 can do an ldapsearch to find itself and therefore you can use it to configure you LDAP repository.
This article gave me the hint: http://www-01.ibm.com/support/docview.wss?rs=767&uid=swg21219253
The administrative user ID does not exist in the user repository.
Reason: The bind user must be searchable. This means that an ldapsearch with this user as bind user must return his own entry. If this does not work, you have to add an aclEntry:
vi change-was7101-aclentry.ldif
dn: uid=was7101,cn=mygroup,cn=admusr,o=mycomp
aclentry: access-id:UID=WAS7101,CN=MYGROUP,CN=ADMUSR,O=MYCOMP:normal:rsc
$ ldapmodify -h myhost -x -D "cn=root" -w ******* -f change-was7101-aclentry.ldif
modifying entry "uid=was7101,cn=mygroup,cn=admusr,o=mycomp"
Now user was7101 can do an ldapsearch to find itself and therefore you can use it to configure you LDAP repository.
This article gave me the hint: http://www-01.ibm.com/support/docview.wss?rs=767&uid=swg21219253
Kommentare
But Sharepoint standard packaged misses that control
I am looking for available solutions on market
I came across
http://sharepointfields.com
Does anybody has experiece using it?