If IBM Domino LDAP is used for WebSphere Application Server 8.x federated repository problems can occur if another repository (Active Direcory for example) needs to be added to the configuration.
A common work-around when using Domino LDAP in combination with WebSphere Application Server is to use “root” as base-entry. If “O=COMPANY” is used for example, which is actual more usual, Websphere is unable to resolve groups in Domino LDAP.
At the moment an additional LDAP source needs to be connected to WebSphere you might recognize that the configuration is screwed.
On my demo setup I have a Microsoft ActiveDirectory and Domino LDAP (configured in this sequence) connected as Websphere repositories.
The configuration becomes corrupted if I want to add another LDAP server :
To configure Websphere with a Domino LDAP and one or more additional LDAP repositories, first add the non-Domino repositories to your Application Servers.