Troubleshooting
Problem
After configuring security using the "wp-modify-ldap-security" task and restarting the portal server, you are unable to access any portal pages. The SystemOut.log contains the following error: [] [8/27/08 10:37:23:991 IST] 00000015 VaultServiceI E com.ibm.wps.services.credentialvault.VaultServiceImpl checkSystemDNInitialized EJPSK0028E: Invalid system user DN 'systemcred.dn' property value. Ensure that the DN value is valid in the vault service properties file. com.ibm.wps.util.DataBackendException: EJPSG0015E: Data Backend Problem java.security.PrivilegedActionException: com.ibm.wps.um.exceptions.impl.PumaSystemExceptionImpl: com.ibm.wps.util.DataBackendException: EJPSG0015E: Data Backend Problem . . . . Caused by: com.ibm.websphere.wim.exception.WIMSystemException: CWWIM4548E The LDAP attribute used as an external identifier 'ibm-entryuuid' has a null value for entity 'uid=wpsadmin,o=org'. at com.ibm.ws.wim.adapter.ldap.LdapConfigManager.getExtIdFromAttributes (LdapConfigManager.java:2011) []
Symptom
Unable to access any page in WebSphere® Portal. CWWIM4548E error in SystemOut.log.
Cause
LDAP server did not contain the expected external identifier for the user and group entries.
Environment
Any environment where WebSphere Portal expects an external identifier to be returned by the LDAP and the LDAP does not return such an identifier.
Diagnosing The Problem
Based on the following property in wkplc.properties:
standalone.ldap.ldapServerType=<value>
the WIM code expected to find <value> (in this case ibm-entryuuid) as an attribute for the user objects based on the default settings of the chosen LDAP server type. However, this particular LDAP did not contain a uniquely generated identifier. Thus, it was necessary to use the distinguished name of the user/group as the actual external identifier in the WIM configuration.
Resolving The Problem
Manually edit the wimconfig.xml located in <wp_profile_root>/config/cells/<cellname>/wim/config/. Set the externalIdAttributes as follows:
<config:attributeConfiguration>
. . . .
<config:externalIdAttributes name="distinguishedName"/>
. . . .
<config:attributes name="userPassword"
If the externalIDAttributes line does not exist, then add it. After saving the file and restarting the server, the error should no longer exist and the portal server should be accessible via the browser.
Was this topic helpful?
Document Information
Modified date:
03 December 2021
UID
swg21318255