WAS 8.5.5 FP12 breaks Domino “root” base entry setting

Hi all,

after updating a portal 9 environment to WAS 8.5.5 FP12, I was not able to login anymore with any user…

The error in the log:

com.ibm.websphere.wim.exception.EntityNotFoundException: 
CWWIM4527E The LDAP entry 'uid=wpadmin,o=defaultWIMFileBasedRealm' was not found: '
javax.naming.NameNotFoundException: [LDAP: error code 32 - No Such Object]; 
remaining name 'uid=wpadmin,o=defaultWIMFileBasedRealm'; 
resolved object com.sun.jndi.ldap.LdapCtx@17514e8b'. 
at com.ibm.ws.wim.adapter.ldap.LdapConnection.getAttributes (LdapConnection.java:1267) 
at com.ibm.ws.wim.adapter.ldap.LdapConnection. checkAttributesCache(LdapConnection.java:1573) 

Rolling back FP12 to FP11 resolved the issue.

This issue occurs when using Domino in combination with a federated repository configuration set to base “root”. There are several good reasons to use the “root” base entry when dealing with a Domino LDAP…

IBM introduced a change in FP12 to allow setting of “root” as base entry for Active Directory also! It seems that something got broken within the part for Domino.

There is a workaround for this:

  • Change the order of the federated repository in wimconfig.xml to set the LDAP entry before the file based entry

or IBM already created a technote for this issue. The ifix for this issue is called “8.5.5.10-WS-WAS-IFPI88438” …

After this everything works as expected.

Leave a Reply

Your email address will not be published. Required fields are marked *