Error Message :
There are two users. In the test case JAC/SBB01 and TEST1/SBB01. User JAC/SBB01 has LDAP connection enabled and is not allowed to edit TEST1/SBB01 (in the test scenario he is not allowed to edit any USER object with name TEST1/SBB01):
Log in as JAC/SBB01 and open TEST1/SBB01:
As can be seen, it is read only (Save-Button is greyed out) and LDAP connection is not checked for TEST1/SBB01.
Now open the System Overview and right click on TEST1/SBB01, select Activate LDAP connection:
Now open TEST1/SBB01 again. LDAP connection is now checked:
I.e. even though JAC/SBB01 is not allowed to edit TEST1/SBB01, it was possible to modify it via Activate LDAP connection in the System Overview.
Root Cause: The LDAP setting of users can be activated/deactivated via the context menu without write authorization.
Update to a fix version listed below or a newer version if available.
Fix Status: In Progress
Automation Engine 12.2.0 - Planned release date: 2018-06-19
Automation Engine 12.1.2 - Planned release date: 2018-05-21
Automation Engine 12.0.5 - Planned release date: 2018-05-07
Automation Engine 11.2.8 - Planned release date: 201