LDAP Error: 53 (Unwilling to perform)
The search users/groups operation in FEM causes LDAP Error code 53
Resolving the problem
This issue was identified in the following configuration:
- JBoss Application 4.0.5
- P8 Content Engine 4.0.1
- eDirectory 8.7.3 Service Pack 5 (16 replicated servers)
When performing a search users/groups operation within FileNet Enterprise Manager, the eDirectory server returned "LDAP: error code 53 - Unwilling To Perform". The search users/groups operation uses the Server-Side Sort control feature of LDAP.
The LDAP Server must have a copy of all objects within the search scope, in order for the SSS (Server-side sort ) control to work. The LDAP server needs a copy of every replica, if the search scope started at the top of the tree. If it doesn't have a copy of all objects in the search scope, it will return LDAP error 53 when the SSS control is used in a search request.
This issue was identified as a configuration problem on the eDirectory server. This configuration had one of the servers configured as subordinate replica. A subordinate replica does not contain all the objects of master and read/write replicas. The problem was resolved after replica type was changed to Read/Write.
More support for:
FileNet Content Manager
Software version: 4.0, 4.0.1, 4.5
Operating system(s): AIX, HP-UX, Linux, Solaris, Windows
Reference #: 1370147
Modified date: 2009-02-03