Fixes are available
8.5.5.12: WebSphere Application Server V8.5.5 Fix Pack 12
8.0.0.14: WebSphere Application Server V8.0 Fix Pack 14
9.0.0.5: WebSphere Application Server traditional V9.0 Fix Pack 5
8.5.5.13: WebSphere Application Server V8.5.5 Fix Pack 13
8.0.0.15: WebSphere Application Server V8.0 Fix Pack 15
8.5.5.14: WebSphere Application Server V8.5.5 Fix Pack 14
8.5.5.15: WebSphere Application Server V8.5.5 Fix Pack 15
8.5.5.17: WebSphere Application Server V8.5.5 Fix Pack 17
8.5.5.20: WebSphere Application Server V8.5.5.20
8.5.5.18: WebSphere Application Server V8.5.5 Fix Pack 18
8.5.5.19: WebSphere Application Server V8.5.5 Fix Pack 19
8.5.5.16: WebSphere Application Server V8.5.5 Fix Pack 16
8.5.5.21: WebSphere Application Server V8.5.5.21
APAR status
Closed as program error.
Error description
In a federated repository, adding a base entry of "root" on a Microsoft Active Directory LDAP server causes login failures after server restart.
Local fix
Problem summary
**************************************************************** * USERS AFFECTED: All users of IBM WebSphere Application * * Server * * users of federated repositories * **************************************************************** * PROBLEM DESCRIPTION: In a federated repository, adding a * * base * * entry of "root" on some LDAP servers * * causes failures after server restart. * **************************************************************** * RECOMMENDATION: * **************************************************************** In a federated repository, adding a base entry of "root" on some LDAP servers, such as Microsoft Active Directory, causes login failures after server restart. This error is seen in the dmgr JVM log. E com.ibm.ws.wim.adapter.ldap.LdapConnection search(String, String,Object[], SearchControls) com.ibm.websphere.wim.exception.WIMSystemException: CWWIM4520E The 'javax.naming.NameNotFoundException: [LDAP: error code 32 - 0000208D: NameErr: DSID-031001A8, problem 2001 (NO_OBJECT), data 0, best match of: '']; remaining name '/'; resolved object com.sun.jndi.ldap.LdapCtx@45564556' naming exception occurred during processing.
Problem conclusion
If root is entered in the administrative console for the unique distinguished name of the base entry field, the LDAP server type is checked. If the use of root to indicate an empty base entry name is not supported, an error message is displayed and the user must enter a valid base entry. The fix for this APAR is currently targeted for inclusion in fix packs 8.0.0.14, 8.5.5.12 and 9.0.0.5. Please refer to the Recommended Updates page for delivery information: http://www.ibm.com/support/docview.wss?rs=180&uid=swg27004980
Temporary fix
Comments
APAR Information
APAR number
PI75159
Reported component name
WEBS APP SERV N
Reported component ID
5724H8800
Reported release
850
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt / Xsystem
Submitted date
2017-01-18
Closed date
2017-06-05
Last modified date
2017-06-05
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
WEBS APP SERV N
Fixed component ID
5724H8800
Applicable component levels
R800 PSY
UP
R850 PSY
UP
R900 PSY
UP
Document Information
Modified date:
28 April 2022