Hi All,

Please suggest.

We need to configure Windows 2008 LDAP server in WAS 6.1.

I have not find any Windows 2008 AD type in WAS, if we choose custom type it will work right.


Thanks,
Chinna.

yes
And also make sure you set the additional properties like user identifier, group identifier etc..

Hi All,

I am configuring AD details in WAS 6.1, am gettig below error.


SECJ7340E: Exception raised trying to connect to LDAP server: AuthenticationException:
[LDAP: error code 49 - 80090308:
LdapErr:
DSID-0C0903AA, comment: AcceptSecurityContext error, data 525, v1772]

We have imported AD SSL certificate, post importing we have not
stop/started WAS.

With AD details, i am trying test connection in WAS. I have give AD details, selected SSL i did not applied changes. While doing test connection i am getting above error.

Note :  We have two OU in AD details and UO is having space,  c
an we have like this . US team is given AD details.
AD(LDAP) type windows 2008.

Please suggest.

Thanks,
Chinna.

Hi Chinna,


  look here.

 

regards,

Please post the related FFDC error file

and check the following
1. Are you able to find user under BIND DN specified ?
2. Is user name/passowrd for LDAP user correct?
3. Are you using the full name like [cn=xxx,ou=yyy,ou=xyy,o=zzz,dc=abc]
4. What is the total length of the name configured [step3]
5. Does the configured user have the required permissions on LDAP ?

Hi All,


We have configured LDAP server in WAS level successfully. Post configuring AD details in WAS, we are able to login into application.  We are facing slowness in application from yesterday onwards.  While login into applciation its too slow.

Previously we have one more also configured in same, for this AD users are not able to login into application. Same cluster we have five application deployed, one application is using Form based application, other applications are working fine.

We are getting below errors:

 

 

[10/30/12 0:03:03:630 GMT+05:30] 0000095f LTPAServerObj E   SECJ0369E:
Authentication failed when using LTPA. The exception is .

[10/30/12 0:03:03:631 GMT+05:30] 0000095f FormLoginExte E   SECJ0118E:
Authentication error during authentication for user 091881

[10/30/12 0:04:27:504 GMT+05:30] 00000975 exception     E
com.ibm.ws.wim.adapter.ldap.LdapConnection DirContext
reCreateDirContext(String errorMessage) CWWIM4520E The
'javax.naming.CommunicationException: 170.224.42.135:636 [Root exception is
java.net.SocketException: Connection timed out:could be due to invalid address]
' naming exception occurred during processing.

[10/30/12 0:04:27:505 GMT+05:30] 00000975 exception     E
com.ibm.ws.wim.adapter.ldap.LdapConnection DirContext
reCreateDirContext(String errorMessage)

                                 com.ibm.websphere.wim.exception.WIMSystemException:
CWWIM4520E The 'javax.naming.CommunicationException: 170.224.42.135:636
[Root exception is java.net.SocketException: Connection timed out:could be due
to invalid address]' naming exception occurred during processing.


Is there any Performance settings for Multiple LDAP repository under federated
registry.


Please suggest.

Thanks,
Chinna.

Hi chinna,
 
  I watch that you have configured SSL (636) to connect to AD.  
 
  Look this Tony Giboney thread, the performance goes down when communication with the LDAP is through SSL.

  www.websphereusergroup.org/go/thread/vie...
 
  Try to configure AD under federate repository without SSL (389) to check this issue.

  If you need to use SSL increment your connection timeout or open a PMR in IBM.
 
  Hope this helps.
 
regards