IBM Support

PH10154: GROUP MEMBERS ARE NOT LISTED (IN MANAGE USERS/GROUPS) WHEN DOMAINNAMEFORAUOMATICDISCOVERYOFLDAPSERVERS IS CONFIGURED.

Subscribe

You can track all active APARs for this component.

 

APAR status

  • Closed as program error.

Error description

  • In the Integrated Solutions Console (Admin Console) for
    WebSphere Application Server, if
    domainNameForAutomaticDiscoveryOfLDAPServers is configured as a
    custom property for an LDAP repository (configured in a
    Federated Repository), it's possible that the member
    information of a group is not returned at all when queries are
    made against the LDAP.
    
    For example, if you try to list the Members of a Group in the
    Users and Groups > Manage Groups > GROUP_NAME, then click the
    Members tab, it will be an empty table.
    

Local fix

  • N/A
    

Problem summary

  • ****************************************************************
    * USERS AFFECTED:  All users of IBM WebSphere Application      *
    *                  Server with Ldap configured, the            *
    *                  domainNameForAutomaticDiscoveryOfLDAPServer *
    *                  s                                           *
    *                  configured and using certain types of       *
    *                  group members (for example, groups with     *
    *                  Active Directory Server).                   *
    ****************************************************************
    * PROBLEM DESCRIPTION: Group members not found with property   *
    *                      domainNameForAutomaticDiscoveryOfLDAPSe *
    *                      rvers enabled.                          *
    ****************************************************************
    * RECOMMENDATION:                                              *
    ****************************************************************
    Group membership lookup can fail with the custom property,
    domainNameForAutomaticDiscoveryOfLDAPServers, enabled. While
    the group members are returned from the Ldap server, they are
    not returned to the user (for example, listed in the
    administrative console).
    For example, when using the Manage Groups option in the
    administrative console, the Members tool on a selected group
    does not list the members.
    

Problem conclusion

  • The processing of the group members when the custom property,
    domainNameForAutomaticDiscoveryOfLDAPServers, is enabled was
    fixed to return the group members.
    
    The fix for this APAR is currently targeted for inclusion in
    fix pack 8.5.5.16 and 9.0.5.0.  Please refer to the
    Recommended Updates page for delivery information:
    http://www.ibm.com/support/docview.wss?rs=180&uid=swg27004980
    

Temporary fix

Comments

APAR Information

  • APAR number

    PH10154

  • Reported component name

    WEBS APP SERV N

  • Reported component ID

    5724H8800

  • Reported release

    850

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt / Xsystem

  • Submitted date

    2019-03-25

  • Closed date

    2019-05-29

  • Last modified date

    2019-05-29

  • APAR is sysrouted FROM one or more of the following:

  • APAR is sysrouted TO one or more of the following:

Fix information

  • Fixed component name

    WEBS APP SERV N

  • Fixed component ID

    5724H8800

Applicable component levels

  • R850 PSY

       UP

  • R900 PSY

       UP

[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSEQTP","label":"WebSphere Application Server"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"8.5","Line of Business":{"code":"LOB45","label":"Automation"}}]

Document Information

Modified date:
30 November 2021