Technote (troubleshooting)
Problem
When WebSphere Portal fails over to the secondary LDAP server, you are unable to perform any write operations.
Symptom
The following error is observed in SystemOut.log
00000031 exception E com.ibm.ws.wim.adapter.ldap.LdapConnection checkWritePermission
com.ibm.websphere.wim.exception.
OperationNotSupportedException: CWWIM4547E The write operations are not allowed on secondary LDAP server 'ldaps://<hostname:port>'.
Cause
By default, the Virtual Member Manager (VMM) component of WebSphere Portal will not write to a secondary LDAP server.
Resolving the problem
Update the VMM configuration to set the parameter allowWriteToSecondaryServers to true.
Modify the relevant LDAP repository in the wimconfig.xml to add the parameter and set it to true:
<config:repositories xsi:type="config:LdapRepositoryType" adapterClassName="com.ibm.ws.wim.adapter.ldap.LdapAdapter" id="<LDAP_ID>"
....
<config:ldapServerConfiguration primaryServerQueryTimeInterval="15"
returnToPrimaryServer="true"
searchCountLimit="500" searchTimeLimit="120000" sslConfiguration="
NodeDefaultSSLSettings" allowWriteToSecondaryServers="true">
Note: In a standalone environment, modify the file on the Portal node under <wp_profile>/config/cells/<cellname>/wim/config/. In a clustered environment, modify the file on the Deployment Manager node under <dmgr_profile>/config/cells/<cellname>/wim/config.
Restart the application server to take effect.
Related information
Information Center: CWWIM4547E
Rate this page:
Copyright and trademark information
IBM, the IBM logo and ibm.com are trademarks of International Business Machines Corp., registered in many jurisdictions worldwide. Other product and service names might be trademarks of IBM or other companies. A current list of IBM trademarks is available on the Web at "Copyright and trademark information" at www.ibm.com/legal/copytrade.shtml.