ODSEE Policy Store : Error occurred during "SearchExt" for "(&(objectClass=xpsObject)(|(xpsCategory=2)(xpsCategory=3)))", text: Insufficient access

Document ID : KB000012591
Last Modified Date : 14/02/2018
Show Technical Document Details
Question:

We have configured our Policy Store in ODSEE with a non-Directory Manager account, and we are getting this error when the Policy Server starts:

[SmLdapBulkSearch.cpp:730][InitReadsVLV][ERROR][sm-xpsxps-01080]Error occurred during "SearchExt" for "(&(objectClass=xpsObject)(|(xpsCategory=2)(xpsCategory=3)))", text: Insufficient access]

What could be causing this error?

Environment:
Policy Server : R12.52 SP1Policy Store : ODSEE 11.1.1.7.0
Answer:

After Sun/Oracle DSEE 6.x, cn=config branch is not under root DN, and it is considered as a separated branch. Then, for non-Directory Manager users, you need to add an additional ACI to grant read access to cn=config, as the user needs permission to browse VLV indexes.

Additional Information: