Uploaded image for project: 'Crowd Data Center'
  1. Crowd Data Center
  2. CWD-4311

Unable to manage user status locally LDAP: error code 50 - 00002098

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Fixed
    • Icon: Medium Medium
    • 2.12.0
    • 2.6, 2.7.2, 2.8
    • None

      Steps to reproduce:

      1. Create a LDAP directory with read and write permission
      2. Turn on manage user Locally option
      3. Deactivate any user from the directory

      Expected Result
      The user has been deactivated without error, and the change is not propagated to the backing directory. See https://confluence.atlassian.com/display/CROWD/Deleting+or+Deactivating+a+User.

      End result:
      Error message :

      org.springframework.ldap.NoPermissionException: [LDAP: error code 50 - 00002098: SecErr: DSID-03150BB9, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0]; nested exception is javax.naming.NoPermissionException: [LDAP: error code 50 - 00002098: SecErr: DSID-03150BB9, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0]; remaining name 'SOME USER DN'

      Cause:
      I suspect this issue was caused by the Configured Bind DN user have insufficient permission to write on AD, as when you click on update, it will prompt to check user's detail as below:

      Managing user locally should not update anything to the LDAP/AD

        1. crowd.png
          crowd.png
          33 kB
        2. unnamed.png
          unnamed.png
          48 kB

            [CWD-4311] Unable to manage user status locally LDAP: error code 50 - 00002098

            No work has yet been logged on this issue.

              ppetrowski Patryk
              wwong Wayne Wong
              Affected customers:
              9 This affects my team
              Watchers:
              15 Start watching this issue

                Created:
                Updated:
                Resolved: