Environment
Novell eDirectory 8.7.3 for All Platforms
Novell SecureLogin 3.51.5
Novell SecretStore 3.3.5
Novell SecretStore 3.3.5
Situation
Defined SecretStore administrator can't unlock some users whose secret store has been locked.
Resolution
The SecretStore Administrator must be in the same context, or
a subset of the context of the user it is attempting to
unlock.
Example:
For users in ou=accounting.ou=provo.ou=ut.o=novell, the SS
Admin user MUST reside in one of the following containers:
ou=accounting.ou=provo.ou=ut.o=novell
ou=provo.ou=ut.o=novell
ou=ut.o=novell
o=novell
Additional Information
The Secret Store Administrator (SS Admin) functionality
was intentionally designed this way, so that you can have multiple
subtrees, with different SS Admin accounts only able to manage
their own subtree.