Policy Server Reporting "Insufficient Access" Issues

Document ID : KB000051428
Last Modified Date : 14/02/2018
Show Technical Document Details

Description:

Policy Server reports "Insufficient access" issues against LDAP user store. Any attempt to verify this issue by resetting password for a user from policy server console UI resulted in "Error 60" and smps.log showed "Error 50".

Here are the snippets from the smps.log
[17294/58928][Tue May 26 2009 17:27:58][SmDsLdapProvider.cpp:5701][ERROR]
(SetUserProp) DN: 'uid=user1,ou=people,o=company.com', Prop
Name: 'disabled', PropValue: '16777216' . Status: Error 50.
Insufficient access
[17294/58928][Tue May 26 2009 17:27:59][SmDsLdapProvider.cpp:5701][ERROR]
(SetUserProp) DN: 'uid=user1,ou=people,o=company.com', Prop
Name: 'disabled', PropValue: '16777216' . Status: Error 50.
Insufficient access
[17294/59182][Tue May 26 2009 17:28:00][SmDsLdapProvider.cpp:5701][ERROR]
(SetUserProp) DN: 'uid=user1,ou=people,o=company.com', Prop
Name: 'disabled', PropValue: '16777216' . Status: Error 50.
Insufficient access
[17294/58790][Tue May 26 2009 17:28:03][SmDsLdapProvider.cpp:5701][ERROR]
(SetUserProp) DN: 'uid=user1,ou=people,o=company.com', Prop
Name: 'disabled', PropValue: '16777216' . Status: Error 50.
Insufficient access
[17294/58731][Tue May 26 2009 17:28:12][SmDsLdapProvider.cpp:5701][ERROR]
(SetUserProp) DN: 'uid=cafepilot8@company.com,ou=UBPS,ou=busi
nesspartners,o=company.com', PropName: 'disabled', PropValue: '16777216'.
Status: Error 50. Insufficient access

Solution:

Modify the server IP/port of the user store that was failing to some random IP/port (non-existing) and save it. Then modify the configuration back to the correct IP address/port and save it. This resolves the issue. When we enter the IP/port and save the user store configuration, it establishes a new set of connections.