It seems like the dsaadmin user does not have sufficient permissions to write. Try running the same update via jxplorer or a similar LDAP browser to see if you need to modify permissions.
If you are using CA Directory, please see the documentation for directory access controls:
https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-software/layer7-identity-and-access-management/directory/14-1/ca-directory-concepts/directory-access-controls.html------------------------------
Perhaps there are others in the communities who have experience in doing this and we invite them to comment here also.
Another option may be to reach out to our partner HCL Technologies to see in what way they can assist further. The Enterprise Studio team of HCL can be reached at
enterprisestudio@hcl.com.
https://www.hcltech.com/enterprise-studio------------------------------
Original Message:
Sent: 01-03-2020 10:30 AM
From: wong chi kin
Subject: insufficeint access right to update attribute in IM USer store
Hi,
I am doing a powershell script for update the attribute in the user store for identity manager. My script will query the user store first for the required attribute(Attribute A) and process it. After that, my script will update the other attribute (Attribute B). But when my script try to update Attribute B, I get insufficient access right to perform the operation, I didn't found the same error when my script try to query the user store. The connection credential I used was dsaadmin. May I know whether the dsaadmin only have the read permission only ? I can share the powershell syntax I use if required