000022613 - Externally provisioned RSA ClearTrust users cannot be given admin rights

Document created by RSA Customer Support Employee on Jun 16, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000022613
Applies ToRSA ClearTrust 5.5.3
LDAP datastore
IssueExternally provisioned RSA ClearTrust users cannot be given admin rights
"Users in ctstore are read-only."
ResolutionIf the following flag is set in your ldap.conf file:

    cleartrust.data.ldap.user.readonly :true

, you will not be able to assign administrative privileges (through the RSA ClearTrust Entitlements Manager [Admin GUI]) to a user that was added to your LDAP datastore by external means (that is not through Admin GUI or Administrative API). You'll see the error: "Users in ctstore are read-only".

This issue has been resolved in a hot fix for RSA ClearTrust 5.5.3 Servers. Contact RSA Security Customer Support to obtain hot fix 5.5.3.63, or request the latest fix level (which is cumulative, and contains fixes from previous fix levels).
Legacy Article IDa29392

Attachments

    Outcomes