LDAP Error 50 attempting to change password using the SecureLogin LDAP Client

  • 7940239
  • 19-Aug-2009
  • 16-Jan-2014

Archived Content: This information is no longer maintained and is provided 'as is' for your convenience.


SecureLogin SSO
Prior to v3.5



Customer installed SecureLogin Single Sign-On in LDAP mode, with Novell eDirectory as the LDAP Directory. After installing the client on the workstation they attempted to logon via the SecureLogin LDAP Client. The user’s password had expired and they were prompted to change it. When they attempted to change it, they received LDAP Error 50.



LDAP Error 50 is LDAP_INSUFFICIENT_ACCESS: Indicates that the user does not have sufficient rights to perform the requested operation.

The customer used trial and error to establish the user required RWCA rights to the Object Trustee (ACL) property of the user object. Users only needed the rights to their own object to perform the change password.


As a work around the customer granted users RWCA rights to the Object Trustee (ACL) property. This issue has been reported to engineering and will be resolved in a future release.