Article Content
Article Number | 000033829 |
Applies To | RSA Product Set: SecurID RSA Product/Service Type: Authentication Manager RSA Version/Condition: 8.x |
Issue | Administrators are unable to manage LDAP users, including token assignments, as the users are in a disabled state, shown here: |
Cause | The account that is being used to bind to the external identity source does not have full read permissions on the user accounts. As a result, Authentication Manager is unable to read the userAccountControl field from the external identity source. This setting flags whether the user account is disabled or not. As Authentication Manager cannot determine if the account is enabled or not, for security reasons, it will interpret that the account is disabled. |
Resolution | To resolve this issue,
|