[CWD-4311] Unable to manage user status locally LDAP: error code 50 - 00002098 - Create and track feature requests for Atlassian products.

Type: Bug
Resolution: Fixed
Priority: Medium
Fix Version/s: 2.12.0
Affects Version/s: 2.6, 2.7.2, 2.8
Component/s: None
Labels:
- warranty

Symptom Severity:
Severity 2 - Major
Bug Fix Policy:
View Atlassian Server bug fix policy

Steps to reproduce:

Create a LDAP directory with read and write permission
Turn on manage user Locally option
Deactivate any user from the directory

Expected Result
The user has been deactivated without error, and the change is not propagated to the backing directory. See https://confluence.atlassian.com/display/CROWD/Deleting+or+Deactivating+a+User.

End result:
Error message :

org.springframework.ldap.NoPermissionException: [LDAP: error code 50 - 00002098: SecErr: DSID-03150BB9, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0]; nested exception is javax.naming.NoPermissionException: [LDAP: error code 50 - 00002098: SecErr: DSID-03150BB9, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0]; remaining name 'SOME USER DN'

Cause:
I suspect this issue was caused by the Configured Bind DN user have insufficient permission to write on AD, as when you click on update, it will prompt to check user's detail as below:

Managing user locally should not update anything to the LDAP/AD

- - Sort By Name
  - Sort By Date
  - Ascending
  - Descending
  - Thumbnails
  - List

crowd.png
33 kB
02/Apr/2015 8:31 AM
unnamed.png
48 kB
08/Apr/2015 1:10 PM

relates to

CWD-4110 Crowd tries to update display name on LDAP when different than first name plus last name

Closed

mentioned in: Page Failed to load; Page Failed to load; Page Failed to load; Page Failed to load; Page Loading...

was cloned as: KRAK-254 Loading...

(1 mentioned in, 1 was cloned as)

Monique Khairuliana (Inactive) made changes - 19/Aug/2019 8:01 AM

Epic Link

Original: CWD-4704 [ 600140 ]

Monique Khairuliana (Inactive) made changes - 15/Aug/2019 7:06 AM

Workflow

Original: Simplified Crowd Development Workflow v2 - restricted [ 1508559 ]

New: JAC Bug Workflow v3 [ 3365795 ]

Owen made changes - 24/Oct/2018 5:04 AM

Symptom Severity

Original: Major [ 14431 ]

New: Severity 2 - Major [ 15831 ]

Mareusz (Inactive) made changes - 12/Apr/2017 9:25 AM

Remote Link

New: This issue links to "Page (Extranet)" [ 279737 ]

Patryk made changes - 13/Mar/2017 3:30 PM

Remote Link

New: This issue links to "Page (Extranet)" [ 269473 ]

Patryk made changes - 18/Jan/2017 2:29 PM

Fix Version/s		New: 2.12.0 [ 66140 ]
Resolution		New: Fixed [ 1 ]
Status	Original: Verified [ 10005 ]	New: Closed [ 6 ]

Patryk made changes - 18/Jan/2017 2:29 PM

Assignee

New: Patryk [ ppetrowski ]

Lukasz Pater made changes - 03/Jan/2017 2:39 PM

Link

New: This issue relates to ~~CWD-4110~~ [ ~~CWD-4110~~ ]

Mareusz (Inactive) made changes - 07/Dec/2016 8:51 AM

Remote Link

New: This issue links to "KRAK-254 (JIRA Server (Bulldog))" [ 238554 ]

jonah (Inactive) made changes - 26/Aug/2016 1:36 AM

Symptom Severity

New: Major [ 14431 ]

Assignee:: Patryk

Reporter:: Wayne Wong

Affected customers:: 9 This affects my team

Watchers:: 15 Start watching this issue

Created:: 02/Apr/2015 8:30 AM

Updated:: 19/Aug/2019 8:01 AM

Resolved:: 18/Jan/2017 2:29 PM

Crowd Data Center

Details

Description

Attachments

Attachments

Issue Links

Forms

Activity

[CWD-4311] Unable to manage user status locally LDAP: error code 50 - 00002098

People

Dates