Cybersecurity
DevOps Cloud (ADM)
IT Operations Cloud
Summary
Deployment of workflow via designer failed with error -672
Products
Identity Manager (IDM)
Environment
IDM 4.7.x and 4.8.x
Situation
Deployment of workflow via designer failed with the following error messages.
com.novell.admin.common.exceptions.LDAPSPIException: (Error50)Insufficient access rights.
com.novell.admin.common.exceptions.LDAPSPIException.newException(LDAPSPIException.java:105) com.novell.admin.ns.ldap.jndi.LDAPNamespaceImpl.resolveSPIException(LDAPNamespaceImpl.java:2999) sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
java.lang.reflect.Method.invoke(Method.java:498)
org.eclipse.equinox.launcher.Main.invokeFramework(Main.java:648)
org.eclipse.equinox.launcher.Main.basicRun(Main.java:603)
org.eclipse.equinox.launcher.Main.run(Main.java:1465)
org.eclipse.equinox.launcher.Main.main(Main.java:1438)Cause: javax.naming.NoPermissionException: [LDAP: error code 50 - NDS error: no access (-672)]; remaining name 'cn=<PRD Name>,cn=RequestDefs,cn=AppConfig,cn=User Application Driver,cn=driverset1,o=system'
Cause
Admin rights for the workflow object have been changed to read-only without supervisor right.
Resolution
1. Login as admin to iManager console and create another admin account
2. Grant this new admin as trustee on the root object with supervisor right
a. Go to Roles and Tasks - Rights - Modify Trustees - select Object to grant the permission
b. Click on Assigned Rights to provide the relevant permissions.
3. Login as the new admin and change the admin right back to supervisor. Perform the same steps as step 2.
Full Knowledge Base Article Link
URL Name
KM000011482