Assistant Admin does not have power to perform usersetinfo error. (NETIQKB73273)

  • 7773273
  • 17-Nov-2011
  • 17-Nov-2011

Environment

Directory & Resource Administrator 8.x

Situation

Assistant Admin does not have power to perform usersetinfo error

Error: The Assistant Admin does not have enough power to perform the usersetinfo operation.

Unable to modify attributes of objects unless the View All Properties power is delegated.

Resolution

If you want an Assistant Admin to modify some properties of a user, the operation returns an error unless the Assistant Admin also has the View All User Account Properties power.

To reproduce this behavior (for example):

  1. Create an ActiveView and delegate to an Assistant Admin the ability to modify the address properties of a user, making sure NOT to give the View All User Account Properties power.
  2. Log in as the Assistant Admin and try to modify the address field of a user.

To resolve this behavior, delegate to Assistant Admins the ability to View All User Account Properties. Alternatively, you can grant the view power over a specific attribute.

An example of how to accomplish this:

  1. Open the Delegation and Configuration console.
  2. Expand Delegation Management.
  3. Right-click Powers and select New Power.
  4. On the Action tab, select "retrieves the properties of a user" from the Action dropdown and click Next (this is the "view" ability).
  5. Select Include only listed properties, click Add, and add the specific attribute property you want the Assistant Admin to be able to view.
  6. Finish the wizard and name the new custom power.
  7. Remove the View All User Properties power in the ActiveView and add the custom power you created.

 

Additional Information

Formerly known as NETIQKB73273