5.2 Configuring a Non-Administrator User as an Identity Vault Administrator

If Identity Applications are configured to use a non-administrator user as an Identity Vault Administrator, the non-administrator user must have [write] rights to the oidpInstanceData attribute in the subtree where the users reside. Otherwise, OSP logins can fail.

To set the write rights on the oidpInstanceData attribute for a non-administrator user:

  1. Log in to iManager.

  2. In the Roles and Tasks view, click Rights > Modify Trustees.

  3. Select the non-administrator user object, then click Add Trustee.

  4. For the oidpInstanceData attribute, set the Compare, Read, and Write rights.

  5. Click Apply to save and apply your changes.
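
To confirm the assignment after applying it, the following added example (not part of the product documentation) parses the `ACL` values read over LDAP from the container that holds the users and reports which of the three rights the trustee still lacks. It assumes ACL values have the form `privileges#scope#trustee#attribute` with attribute-right bits Compare=1, Read=2, Write=4, Supervisor=32; the DNs and sample values are constructed.

```python
from dataclasses import dataclass

# Assumption: attribute-right bit values in eDirectory's LDAP ACL representation.
COMPARE, READ, WRITE, SUPERVISOR = 0x01, 0x02, 0x04, 0x20
ATTRIBUTE = "oidpInstanceData"

@dataclass
class Assignment:
    rights: int
    scope: str
    trustee: str
    attribute: str

def parse_acl(value):
    """Split one ACL value of the assumed form privileges#scope#trustee#attribute."""
    parts = value.strip().split("#", 3)
    if len(parts) != 4 or not parts[0].isdigit():
        raise ValueError(f"unexpected ACL value: {value!r}")
    return Assignment(int(parts[0]), parts[1].lower(), parts[2], parts[3])

def missing_rights(acl_values, trustee_dn):
    """Return the rights (of Compare, Read, Write) the trustee lacks on
    oidpInstanceData, counting only explicit subtree-scoped assignments."""
    granted = 0
    for raw in acl_values:
        a = parse_acl(raw)
        if a.trustee.lower() != trustee_dn.lower():
            continue
        if a.attribute.lower() != ATTRIBUTE.lower():
            continue
        if a.scope != "subtree":
            continue  # an entry-scoped right does not reach the users below
        granted |= a.rights
    if granted & SUPERVISOR:
        return []  # Supervisor on the attribute implies the other rights
    wanted = (("Compare", COMPARE), ("Read", READ), ("Write", WRITE))
    return [name for name, bit in wanted if not granted & bit]

# Constructed sample: ACL values of a hypothetical users container.
SAMPLE_ACL = [
    "7#subtree#cn=uaadmin,ou=sa,o=data#oidpInstanceData",
    "3#subtree#cn=svc,ou=sa,o=data#oidpInstanceData",
    "7#entry#cn=other,ou=sa,o=data#oidpInstanceData",
    "1#subtree#cn=uaadmin,ou=sa,o=data#[Entry Rights]",
]

if __name__ == "__main__":
    for dn in ("cn=uaadmin,ou=sa,o=data", "cn=svc,ou=sa,o=data"):
        print(dn, "missing:", missing_rights(SAMPLE_ACL, dn) or "none")
```

The check reads explicit trustee assignments only; it does not compute effective rights after inherited rights filters or group membership.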