You can test Lightweight Directory Access Protocol (LDAP) server connections and search
filters from the administrative console before you configure them.
Before you begin
The following examples assume that SSL is enabled for your LDAP server. Before you start the
examples, set up SSL and add your LDAP certificate to the WebSphere® truststore.
Define at least one LDAP server configuration.
About this task
The LDAP test query utility is available from the administrative console in the LDAP pages on
federated repositories, stand-alone LDAP repositories, and security domains. The following procedure
has one example for testing search filters and a second example for testing connections.
Test results for the LDAP Test Query cannot be saved.
For more information, including examples, see the video on testing connections and search
filters: How to access and use the LDAP Test Query to test LDAP.
Procedure
-
In the administrative console, click .
-
Click Configure next to the Available realm
definitions field.
-
Click a repository identifier in the Repositories in the Realm
table.
-
On the next page, click LDAP test query in the Related
Items section.
Notice that the page is pre-populated with information from the security page. You can edit all
these fields to test a different LDAP server as needed. You must reenter the bind password for each
new test.
-
Reenter the bind password.
-
To test the search filter, type a search filter string in the Search filter
string field of the Test Query section, and then click Test
query.
The input parameters display at the beginning of the page. The results for the search filter
display after the input parameters. If the test query returns multiple items, they are separated,
one after the other.
-
To test a connection, go back to the LDAP Test Query page and enter the bind password.
-
Enter an invalid bind distinguished name in the Bind distinguished name
field.
-
Click Test Query.
The input parameters display at the beginning of the page. However, no test results display
because the bind distinguished name is not valid.