I've spent all day trying to get WebSphere 5's wsadmin to setup LDAP based server security (a job that should have taken an hour or two at most). What a bag of spanners - they've buggered up the WAS config, and didn't make wsadmin do lists properly, so the only way to make this work is to delete the whole LDAP config, and then put it back again. The amount of JACL hackery required is incredible. WebSphere is crap. IBM's websites don't let Google in, their own search engine is useless, and the only WebSphere information you can find anywhere is about training. Tell you anything?
Remember kids: WebSphere costs you more. Try WebLogic or JBoss - far superior (although don't have the glitzy TV ads to go with them).