User without appropriate privileges / authorizations can activate LDAP connection via the System Overview in Java GUI

Article Id: 84586

Status: Published

Updated On: 15-04-2018 07:01

Legacy Id: 000013987

Products:

CA Automic Workload Automation - Automation Engine AUTOMIC WORKLOAD AUTOMATION

Issue/Introduction:

Error Message :
N/A

There are two users. In the test case JAC/SBB01 and TEST1/SBB01. User JAC/SBB01 has LDAP connection enabled and is not allowed to edit TEST1/SBB01 (in the test scenario he is not allowed to edit any USER object with name TEST1/SBB01):

<Please see attached file for image>

As can be seen, it is read only (Save-Button is greyed out) and LDAP connection is not checked for TEST1/SBB01.

Now open the System Overview and right click on TEST1/SBB01, select Activate LDAP connection:

<Please see attached file for image>

Now open TEST1/SBB01 again. LDAP connection is now checked:

<Please see attached file for image>

I.e. even though JAC/SBB01 is not allowed to edit TEST1/SBB01, it was possible to modify it via Activate LDAP connection in the System Overview.

Cause:

Cause type:
Defect
Root Cause: The LDAP setting of users can be activated/deactivated via the context menu without write authorization.

Environment:

Release: AUTWAB99000-12.0-Automic Workload Automation-Base Edition
Component:

Resolution:

Update to a fix version listed below or a newer version if available.

Fix Status: In Progress

Fix Version(s):
Automation Engine 12.2.0 - Planned release date: 2018-06-19
Automation Engine 12.1.2 - Planned release date: 2018-05-21
Automation Engine 12.0.5 - Planned release date: 2018-05-07
Automation Engine 11.2.8 - Planned release date: 201

Additional Information:

Workaround :
N/A

1558704416943000084586_sktwi1f5rjvs16lkz.png

Download

1558704414972000084586_sktwi1f5rjvs16lky.png

Download

1558704412875000084586_sktwi1f5rjvs16lkx.png

Download

1558704410860000084586_sktwi1f5rjvs16lkw.png

Download