Hello Guys,
I'm trying to use etautil to assign a list of provisioning roles to a group of users.
I am running this command:
- etautil.exe -d im -u etaadmin -p ****** -f assig_prov_roles.txt >> etautil_log.txt
the content of the fille is the following:
- update "eTGlobalUserContainerName=Global Users,eTNamespaceName=CommonObjects" eTGlobalUser eTGlobalUserName="prueba usuario 601" to +eTRoleDN="eTRoleName=BAS_Generico,eTRoleContainerName=Roles,eTNamespaceName=CommonObjects,dc=im,dc=eta"
When run it i'm getting the following error:
- :ETA_E_0007<MGU>, Global User 'prueba usuario 601' modification failed: You are not authorized to perform this function. Your account lacks MODIFY access to SyncUsers on one or more Provisioning Role objects.
To run the command i'm using the "etaadmin" user, which is the default user for the provisioning server, this user has the "DomainAdminitrator" admin profile assigned by default, and this gives control to the entire domain.
I'm not sure if there's something i'm missing in the command but the etaadmin user should be able to run this operation.
Any ideas on this ?
Regards.