I'm using Solaris 10 TX 8/07 with Directory Server 5.2 p6, SRSS 4.0 update 2, 
and several thick clients.  The DS, SRSS, and NFS server reside on different 
hardware.  The patches are current on all systems as of 8 Jan 08.  I have 
encountered a problem with roles when users are in TJDS.  I've created a role 
in LDAP with no rights or privileges other than what is in the default 
policy.conf.  This role will allow select users to run Win4Solaris.  I do not 
want these users to have access to admin_low or admin_high so they are not part 
of the role.  This arrangement works in TCDE without a problem.  However, when 
a user tries to assume the role in TJDS they receive the following error 
message. " The system administrator has temporarily disabled access to the 
system for <role name>. See your system administrator."  This problem exists on 
thick and thin clients.  If I edit the role to add admin_low and admin_high the 
problem goes away if I remove admin_low and admin_high the problem returns.  Is 
anyone aware of this problem?
 
 
This message posted from opensolaris.org

Reply via email to