When you are configuring WebSphere Portal with Tivoli Directory Server either as Standalone or Federated repository type. You need to grant create and delete access for wpsbind user which is used for binding and internal communication between WebSphere Portal and a LDAP server.
1. Deploy TDS web administration application IDSWebApp.war which can be found in /opt/ibm/ldap/V6.1/idstools/ directory onto WAS. For details on deploying TDS web admin app please visit the link-1 under Reference section.
2. Login into web admin console http://localhost:9080/IDSWebApp/IDSjsp/Login.jsp by using id superadmin and password secret.
3. Add your Tivoli Directory Server in web admin console. For details please refer the link in step-1.
4. Once you added your TDS server, then logout and login back with TDS admin Id and password.
5. Go to Directory management => Manage entries. Select the suffix dc=ibm,dc=com and click on Edit ACL.
6. On the left, click on the Non-filtered ACLs. Select the Propagate ACLs check box to allow descendants without an explicitly defined ACL to inherit from this entry. Enter the distinguished name of the
7. For Type, select access-id, because this DN is a user, then select ADD
grant to the Read, Write, Search, and Compare security classes. Click OK, then OK again on the following screen to save your changes. You can view the above steps with screen shot in link-2 under Reference section.