LDAP error code 50 - NDS erro -672

[flye...@gmail.com]

Well, I'm getting closer to get everything working.  Running eDir 8.8.6 on OES11.0.   I get the following error when:

Select the Forgotten Password link > Answer my challenge questions > hit enter and I get this.

An error occurred while unlocking your account. Please contact your administrator. { 5046 ERROR_UNLOCK_FAILURE (unable to unlock user cn=xxx,ou=xxx,o=xxx error: error writing to lockedByIntruder: [LDAP: error code 50 - NDS error: no access (-672)]) }


Is this the proxy user not configured correctly or do I need to add more rights to the user?


Thanks
Hans

[Menno Pieters]

That would be the proxy user, who needs permissions to unlock the user account.

Regards,

Menno

--
You received this message because you are subscribed to the Google Groups "pwm-general" group.
To unsubscribe from this group and stop receiving emails from it, send an email to pwm-general...@googlegroups.com.
To post to this group, send email to pwm-g...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msg/pwm-general/-/isxRVpoSE24J.
For more options, visit https://groups.google.com/groups/opt_out.
 
 

[flye...@gmail.com]

Hey Menno,

Thanks for your reply.  Here are the rights of my proxy user.  These rights are set at the OU where my users are.

Locked By Intruder = Compare, Read, Write
Login Intruder Attempts = Compare, Read, Write
Login Intruder Reset Time = Compare, Read, Write
Object Class = Compare, Read, Write
Password Management = Compare, Read, Write
Entry Rights = Browse
pwmEventLog = Compare, Read, Write
pwmLastPwdUpdate = Compare, Read, Write

When I change the proxy user to my Admin account as a test it all works.  So I must be missing some rights somewhere.  Any Ideas??

Thanks
Hans