User without appropriate privileges / authorizations can activate LDAP connection via the System Overview in Java GUI

Document ID : KB000084586
Last Modified Date : 14/04/2018
Show Technical Document Details
Error Message :

There are two users. In the test case JAC/SBB01 and TEST1/SBB01. User JAC/SBB01 has LDAP connection enabled and is not allowed to edit TEST1/SBB01 (in the test scenario he is not allowed to edit any USER object with name TEST1/SBB01):


Log in as JAC/SBB01 and open TEST1/SBB01:


As can be seen, it is read only (Save-Button is greyed out) and LDAP connection is not checked for TEST1/SBB01.

Now open the System Overview and right click on TEST1/SBB01, select Activate LDAP connection:


Now open TEST1/SBB01 again. LDAP connection is now checked:


I.e. even though JAC/SBB01 is not allowed to edit TEST1/SBB01, it was possible to modify it via Activate LDAP connection in the System Overview.
Cause type:
Root Cause: The LDAP setting of users can be activated/deactivated via the context menu without write authorization.
Update to a fix version listed below or a newer version if available.

Fix Status: In Progress

Fix Version(s):
Automation Engine 12.2.0 - Planned release date: 2018-06-19
Automation Engine 12.1.2 - Planned release date: 2018-05-21
Automation Engine 12.0.5 - Planned release date: 2018-05-07
Automation Engine 11.2.8 - Planned release date: 201
Additional Information:
Workaround :