Save results in error 500: Insufficient AccessCreated: 2014-09-24 12:20:26
Modified: 2017-05-17 10:15:55
Tags: Directify Errors Troubleshooting
When an end-user attempts an action within the Directify User form, the resulting LDAP action uses a proxy account to perform all actions against the target directory.
The Directify proxy account is set on the LDAP tab of the Directify config. The recommended permissions for this user is Domain Admin.
If the user is not a Domain Admin, then it is subject to whatever permissions settings apply to that user.
When attempting to save changes, Insufficient Access error is the result of the attempt to apply the Save (Modify) of the record. In this case, the user specified as the Directify proxy admin is the user that has insufficient access and, therefore, cannot modify an attribute of the object in that OU.
One way to test this issue is to attempt to manually change a directory record as the user specified for the proxy account. If you are not able to modify the account directly, Directify will also be unable to modify that object.
To correct the issue, specify a proxy account on the LDAP tab that possesses adequate permissions.