Unable to create new users in LDAP using WebSphere Application Server
Problem
When a new user is created using the WebSphere Application Server, the UniqueName attribute references the defaultFileBasedRealm instead of LDAP. This means that the new user cannot be assigned to groups and therefore cannot be assigned roles in LDAP.
Resolution
You can add more LDAP details in WebSphere Application Server to allow the user to be added to groups. Here is an example. Note that the details given in this example are repository-specific.
- Remove the ObjectServer definition.
  - Expand Security and click Global Security.
  - Scroll down on the page to the User account repository section and click Configure.
  - Scroll down on the page to the Repositories in the realm, select the check box for the ObjectServer entry, and click Remove.
  - Click Save.
  - Scroll down on the page to the Related Items section and click Manage repositories.
  - Check the box to select the ObjectServer entry and click Delete.
  - Click Save.
  - Log out of the administrative console.
  - Log out of Dashboard Application Services Hub.
- The ObjectServer is removed as a Virtual Member Manager user repository. You must restart the Dashboard Application Services Hub to complete the removal.
- Stop the Dashboard Application Services Hub.

    cd /opt/IBM/JazzSM/profile/bin
    ./stopServer.sh server1 -username smadmin -password password