WebSphere Application Server - Express security supports these LDAP servers:
Although it is expected that any LDAP server that follows the LDAP specification would function, the support is limited to these specified directory servers only. You can use any other directory server by using the custom directory type and by filling in the filters required for that directory. For more information, see Configure LDAP search filters.
To improve performance for LDAP searches, the default filters for IBM_Directory_Server, iPlanet and Active_Directory have been defined such that when you search for a user, the result contains all the relevant information about the user (user ID, groups, and so on). This prevents the product from going to the LDAP server multiple times and improves performance. This is possible only in these directory types because these support searches where the complete information about a user can be obtained.
Also, if you use the IBM_Directory_Server, enable the IgnoreCase flag in the administrative console. This is required because when the groups information is obtained from the user object attributes, the case is not the same as the one that is obtained when you get the groups information directly. For the authorization to work in this case, perform a case-insensitive check and also check the requirement for the IgnoreCase flag.