User without appropriate privileges / authorizations can activate LDAP connection via the System Overview in Java GUI

Article Id: 84586
Status: Published
Updated On: 17-08-2020 16:09
Legacy Id: 000013987
Products:
CA Automic Workload Automation - Automation Engine
Issue/Introduction:

Error Message :
N/A

There are two users. In the test case JAC/SBB01 and TEST1/SBB01. User JAC/SBB01 has LDAP connection enabled and is not allowed to edit TEST1/SBB01 (in the test scenario he is not allowed to edit any USER object with name TEST1/SBB01):



Log in as JAC/SBB01 and open TEST1/SBB01:


 


As can be seen, it is read only (Save-Button is greyed out) and LDAP connection is not checked for TEST1/SBB01.

Now open the System Overview and right click on TEST1/SBB01, select Activate LDAP connection:



Now open TEST1/SBB01 again. LDAP connection is now checked:


 


I.e. even though JAC/SBB01 is not allowed to edit TEST1/SBB01, it was possible to modify it via Activate LDAP connection in the System Overview.

Cause:

Cause type:
Defect
Root Cause: The LDAP setting of users can be activated/deactivated via the context menu without write authorization.

Environment:

Release: AUTWAB99000-12.0-Automic Workload Automation-Base Edition
Component:

Resolution:

Update to a fix version listed below or a newer version if available.

Fix Status: In Progress

Fix Version(s):
Automation Engine 12.2.0 - Available
Automation Engine 12.1.2 - Available
Automation Engine 12.0.5 - Available

Additional Information:

Workaround :
N/A