IBM Support

Technote (troubleshooting)


Problem(Abstract)

The search users/groups operation in FEM causes LDAP Error code 53

Resolving the problem

This issue was identified in the following configuration:

- JBoss Application 4.0.5
- P8 Content Engine 4.0.1
- eDirectory 8.7.3 Service Pack 5 (16 replicated servers)


When performing a search users/groups operation within FileNet Enterprise Manager, the eDirectory server returned "LDAP: error code 53 - Unwilling To Perform". The search users/groups operation uses the Server-Side Sort control feature of LDAP.

The LDAP Server must have a copy of all objects within the search scope, in order for the SSS (Server-side sort ) control to work. The LDAP server needs a copy of every replica, if the search scope started at the top of the tree. If it doesn't have a copy of all objects in the search scope, it will return LDAP error 53 when the SSS control is used in a search request.

This issue was identified as a configuration problem on the eDirectory server. This configuration had one of the servers configured as subordinate replica. A subordinate replica does not contain all the objects of master and read/write replicas. The problem was resolved after replica type was changed to Read/Write.

Document information

More support for: FileNet Content Manager
Content Engine

Software version: 4.0, 4.0.1, 4.5

Operating system(s): AIX, HP-UX, Linux, Solaris, Windows

Reference #: 1370147

Modified date: 2009-02-03