IBM© DataPower Operations Dashboard v1.0.5.0
A newer version of this product documentation is available.
You are viewing an older version. View latest at https://ibm.biz/dpod-docs.
Troubleshooting
The information in this page can be used to help troubleshoot LDAP issues.
References
- https://tomcat.apache.org/tomcat-7.0-doc/realm-howto.html#JNDIRealm
- https://wiki.apache.org/tomcat/JNDI_HowTo
- https://www.ibm.com/support/knowledgecenter/SSZH4A_6.0.0/com.ibm.worklight.help.doc/appcenter/r_ac_tom_ldap.html
Debugging
To enable log based debug, edit the $CATALINA_HOME/conf/logging.properties file.
Insert the following lines (in blue):
############################################################
# Facility specific properties.
# Provides extra control for each logger.
############################################################
# This would turn on trace-level for everything
# the possible levels are: SEVERE, WARNING, INFO, CONFIG, FINE, FINER, FINEST or ALL
#org.apache.catalina.level = ALL
#org.apache.catalina.handlers = 2localhost.org.apache.juli.FileHandler
org.apache.catalina.realm.level = ALL
org.apache.catalina.realm.useParentHandlers = true
org.apache.catalina.authenticator.level = ALL
org.apache.catalina.authenticator.useParentHandlers = true
org.apache.catalina.core.ContainerBase.[Catalina].[localhost].level = INFO
org.apache.catalina.core.ContainerBase.[Catalina].[localhost].handlers = 2localhost.org.apache.juli.FileHandler
Common Issues
Referrals
You might get the following error message:
An exception performing authentication javax.naming.PartialResultException: Unprocessed Continuation Reference(s); remaining name 'DC=XX,DC=XX,DC=XX'
The issue may be resolved by changing the referrals parameter (both inside the server.xml file and system parameters) to "ignore" and connecting to the greater AD "forest", which acts like a regular LDAP server on port 3268 (or 3269 for LDAPS).
LDAP authentication error codes
See the following link: http://www-01.ibm.com/support/docview.wss?uid=swg21290631