LDAP Error: 53 (Unwilling to perform)

Troubleshooting

Problem

The search users/groups operation in FEM causes LDAP Error code 53

Resolving The Problem

This issue was identified in the following configuration:

- JBoss Application 4.0.5
- P8 Content Engine 4.0.1
- eDirectory 8.7.3 Service Pack 5 (16 replicated servers)

When performing a search users/groups operation within FileNet Enterprise Manager, the eDirectory server returned "LDAP: error code 53 - Unwilling To Perform". The search users/groups operation uses the Server-Side Sort control feature of LDAP.

The LDAP Server must have a copy of all objects within the search scope, in order for the SSS (Server-side sort ) control to work. The LDAP server needs a copy of every replica, if the search scope started at the top of the tree. If it doesn't have a copy of all objects in the search scope, it will return LDAP error 53 when the SSS control is used in a search request.

This issue was identified as a configuration problem on the eDirectory server. This configuration had one of the servers configured as subordinate replica. A subordinate replica does not contain all the objects of master and read/write replicas. The problem was resolved after replica type was changed to Read/Write.

[{"Product":{"code":"SSNVNV","label":"FileNet Content Manager"},"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Component":"Content Engine","Platform":[{"code":"PF002","label":"AIX"},{"code":"PF010","label":"HP-UX"},{"code":"PF016","label":"Linux"},{"code":"PF027","label":"Solaris"},{"code":"PF033","label":"Windows"}],"Version":"4.5;4.0.1;4.0","Edition":"","Line of Business":{"code":"LOB45","label":"Automation"}}]

Tips

LDAP Error: 53 (Unwilling to perform)

Troubleshooting

Problem

Resolving The Problem

Was this topic helpful?

Document Information

UID

Share your feedback

Need support?