Hi,
Thank you for the quick answer ! Let me reformulate.
I mentioned the role CAI Power by mistake. We were able to manage the ACL using the "Super Admin" role, which was given when the LDAP mapping was created.
But the Super Admin role consumes a CAI license, which we don't own, thus we can not continue to use it to manage the ACL. My question was about managing it without this account/role.
Someone from CA got in touch with us for another subject, and we asked him about it : he recommended to open a case, which we will.
Thank you again for your time
Théo Buri