Troubleshooting single sign-on problems with Lotus® Domino®

Troubleshoot problems when using single sign-on (SSO) with IBM® Lotus® Domino® Directory.

About this task

When you configured Domino® Directory as your LDAP directory, you might have entered no value for the Distinguished name of a base entry in this repository attribute because Domino® Directory contains flat groups. However, SSO does not work correctly with this configuration.

To resolve this problem, configure the Virtual Member Manager component of WebSphere® Application Server to use Domino® Directory flat groups:

Procedure

  1. Open the wimconfig.xml file in a text editor. The file is stored in the following location:
    OptionDescription
    AIX® /usr/IBM/WebSphere/AppServer/profiles/<profile_name>/config/cells/ <cell_name>/wim/config
    Linux /opt/IBM/WebSphere/AppServer/profiles/<profile_name>/config/cells/ <cell_name>/wim/config
    Microsoft Windows C:\IBM\WebSphere\AppServer\profiles\<profile_name>\config\cells\ <cell_name>\wim\config
  2. Replace the <config:baseEntries name="o=example" nameInRepository="o=example"/> string with the following string: <config:baseEntries name="" nameInRepository=""/>.
  3. Replace the <config:participatingBaseEntries name="o=example"/> string with the following string: <config:participatingBaseEntries name=""/>.
  4. Save and close the wimconfig.xml file.
  5. Restart the Deployment Manager.