When you want to enable Active Directory Login with Datapower and your members are part of a Group you need to add the following to your LDAP Search Credintials:
Name: ldapsearch
LDAP Base DN: ou=groups,dc=ibm,dc=com
LDAP Filter Prefix: (&(member=
LDAP Filter Suffix: )(|(cn=administrators)(cn=architects)(cn=operations)))
If you have set RBM and you can’t log into your Datapower appliance:
Open a an SSH session and login to your appliance (if SSH is enable on appliance)
Putty -> <DataPower IP> -> Port 22 -> enter Super Admin Username and Password
Execute to following commands to reset RBM:
xi50>co
xi50 (config)>rbm
xi50(config rbm)>reset
xi50(config rbm)>exit
Thys Michels Blog 