After adding LDAP registry, WebSphere Portal throws JCR Exceptions when logged in as an LDAP User

This baffled me for 3 days!

Using all the usual documentation from IBM and tutorials on the Web, I successfully installed and configured Tivoli Directory Server.

I imported all the Portal LDIF files, along with some test data, into Tivoli Directory Server.

I then configured TDS as an additional LDAP in a federated repository configuration within Portal.

So far so good.

However, as soon as I logged in as a user who is part of LDAP and clicked on the “Edit Mode” link within Portal to configure a page (by the way, I use Portal 8 CF7), I saw loads of “User id cannot be null” type JCR exceptions thrown in the logs.

If I logged in as a user who is part of the file-based repository, everything was fine. I checked permissions, checked permissions and checked permissions for over 3 days before a small article from IBM gave me the clue.

When I configured TDS, I had provided the Common name (cn) parameter as the unique parameter to find each entry.

Portal by default uses the User id (uid) parameter as the unique parameter to find each LDAP entry.

This was the one causing the problem.
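To spot the mismatch described above in the data itself, the following added example (not from the original post or from IBM) parses an LDIF export and lists user entries whose RDN attribute is not uid, noting whether each one carries a uid attribute at all. The sample entries, the function names and the choice of inetOrgPerson as the user object class are assumptions.

```python
import base64

# Constructed sample LDIF (not from the original post); the third DN is folded.
SAMPLE_LDIF = """\
dn: cn=Alice Example,cn=users,dc=example,dc=com
objectClass: inetOrgPerson
cn: Alice Example
uid: aexample

dn: cn=Bob Example,cn=users,dc=example,dc=com
objectClass: inetOrgPerson
cn: Bob Example

dn: uid=cexample,cn=users,dc=example,
 dc=com
objectClass: inetOrgPerson
uid: cexample

dn: cn=editors,cn=groups,dc=example,dc=com
objectClass: groupOfUniqueNames
"""

def parse_ldif(text):
    """Yield {attr: [values]} per record; handles line folding and base64."""
    unfolded = text.replace("\r\n", "\n").replace("\n ", "")
    for block in unfolded.split("\n\n"):
        attrs = {}
        for line in block.splitlines():
            if line.startswith("#") or ":" not in line:
                continue
            name, _, value = line.partition(":")
            if value.startswith(":"):  # "attr:: <base64>"
                value = base64.b64decode(value[1:].strip()).decode("utf-8")
            attrs.setdefault(name.lower(), []).append(value.strip())
        if "dn" in attrs:
            yield attrs

def audit_users(text, expected="uid", user_class="inetorgperson"):
    """List (dn, rdn_attr, has_expected) for users whose RDN is not `expected`."""
    findings = []
    for attrs in parse_ldif(text):
        dn = attrs["dn"][0]
        rdn_attr = dn.split("=", 1)[0].strip().lower()
        classes = [c.lower() for c in attrs.get("objectclass", [])]
        if user_class in classes and rdn_attr != expected:
            findings.append((dn, rdn_attr, expected in attrs))
    return findings

if __name__ == "__main__":
    print(*audit_users(SAMPLE_LDIF), sep="\n")
```

Entries reported with `cn` as the RDN attribute are the ones that do not match the uid default described above.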

Solution

To resolve this issue, it was suggested to add “store.puma_default.user.fbadefault.filter” to “WP PumaStoreService” through the WebSphere Integrated Solutions Console (aka the admin console) and set the value to RDN “cn”. After that, the exceptions disappeared.

Please see this article from IBM for the solution description.

http://www-01.ibm.com/support/docview.wss?uid=swg21385627