Source: IBM TechNote 1672398
In other words, when LDAP users try to access a community library they have the following error:
“The library may have been deleted or modified, or your access may have changed. Try reloading. If that fails, contact the library owner.”
When user clicks into the Library, there is no “Upload Files” or “New Folder” buttons present, even though they are a Community Member or Owner.
This does not happen for non-LDAP local users like ‘wasadmin’.
For Cognos integration, the problem manifests itself when it’s not possible to add LDAP users to the IbmConnectionsMetricsAdmin role, but it is possible to add non-LDAP local users like ‘wasadmin’.
This is a normal query:
This is a nested query:
An example of a complex search filter is shown in the screen shot below.
In the Federated Repositories configuration for the Domino LDAP being used for Connections, there is a filter set in the LDAP Entity Type for PersonAccount, i.e.
Diagnosing the problem
Resolving the problem
However, the fix for this issue could introduce a performance degradation when there are many nested groups. Due to the performance regression potential, IBM is doing 2 things:
1. Working on an interim fix for 8.5.3 FP6 that disables this code path by default and adds the ini LDAP_COMPLEX_FILTER=1. This ini won’t be active until 8.5.3 FP6 Interim Fix 1 and 9.0.1 Fix Pack 2. It will be documented under SPR MJON9GQHLL.
2. Working on a better solution that will not introduce a performance regression.