000018324 - Error: 'Unwilling to perform' RSA ClearTrust 5.5 Entitlements Manger when modifying user properties

Document created by RSA Customer Support Employee on Jun 16, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000018324
Applies ToRSA ClearTrust 5.5 Authorization Server (AServer)
RSA ClearTrust 5.5 Entitlements Manager (Admin GUI)
Microsoft Windows Server 2003
Microsoft Active Directory
IssueError: "Unwilling to perform" RSA ClearTrust 5.5 Entitlements Manger (Admin GUI) when modifying user properties
Entitlements Manger displays this error message:

sirrus.api.client.TransportException: 0000209A: SvcErr: DSID-031A0DD1, problem 5
003 (WILL_NOT_PERFORM), data 0
  [LDAP server is unwilling to perform
Active Directory's "memberOf" group attribute cannot  be modified; if an attempt is made to update this attribute, Active Directory will return this error message
If you are setting up the "memberOf" attribute as a ClearTrust user property for export in the HTTP header, you must mark the user property as "Read Only" in the Entitlements Manager "Add new user property" page. If this is not done, attempting to modify any user properties for the user will generate this error.
Legacy Article IDa20772