IBM Support

Tivoli Integrated Portal won't allow LDAP users to log in "Login failed..." error

Troubleshooting


Problem

Logins for LDAP users are suddenly failing with "Login failed. Check User ID and password and try again". The /profiles/TIPProfile/logs/server/systemOut.log includes the following WIM and LDAP error strings: "CWWIM4520E" and "DSID-03100641"

Symptom

Local file based users can log in. Only LDAP users are affected.

Cause

A change in the LDAP environment is requiring the WAS referrals option to be set to "follow"

Diagnosing The Problem

Check the SystemOut.log for errors similar to:

###
[8/14/13 12:08:23:395 CDT] 0000001e exception E com.ibm.ws.wim.adapter.ldap.LdapConnection getAttributes CWWIM4520E The 'javax.naming.PartialResultException: [LDAP: error code 10 - 0000202B: RefErr: DSID-03100641, data 0, 1 access points
ref 1: 'dmz.companyname.org'
�]; Remaining name: 'CN=Tivoli,OU=General,OU=company Groups,DC=dmz,DC=company,DC=org'; Resolved object: 'com.sun.jndi.ldap.LdapCtx@436c436c'' naming exception occurred during processing.
###

Resolving The Problem

Method 1.
1. Login to the Integrated Solutions Console.
2. Navigate to Secure administration, applications, and infrastructure
--> Federated repositories --> Manage repositories --> repository name.
3. In the drop-down list for "Support referrals to other LDAP servers",
select Follow.
4. Save the changes and restart the servers.

Method 2.
1. Open the <was_profile>/config/cells/<cell
name>/wim/config/wimconfig.xml file.
2. Search for referal="ignore".
3. Change this to referal="follow".
4. Save the changes and restart the servers.

[{"Product":{"code":"SSRLR8","label":"Tivoli Components"},"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Component":"Tivoli Integrated Portal (TIP)","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"2.2;2.1;1.1","Edition":"","Line of Business":{"code":"","label":""}}]

Document Information

Modified date:
17 June 2018

UID

swg21646982

Page Feedback