IBM Support

'LDAP: error code 50 - Insufficient Access Rights' when adding users to Domino via LDAP

Technote (FAQ)


The LDAP task is running on a Lotus® Domino® server. When you attempt to add a user to the Domino Directory via LDAP, the following error occurs:

    "LDAP: error code 50 - Insufficient Access Rights"

Excerpt from console log when LDAPDEBUG=7 is enabled:

LDAP>Attempting Add of entry to database D:\Lotus\Domino\Data\names.nsf (index 1) ...
LDAP>CNotesException thrown at s_misc.cpp:1511 - 582
LDAP>CNotesException caught at s_misc.cpp:1633 - You are not authorized to perform that operation
LDAP>CLDAPException re-thrown at s_misc.cpp:1653 - You are not authorized to perform that operation
LDAP>CNotesException caught at s_add.cpp:921 - You are not authorized to perform that operation
LDAP> LDAP Add return result: Insufficient access
LDAP> Return Result State (Add operation)
LDAP> StateReturnResult returning resultCode 50 (Insufficient access)
LDAP> SendBufferFree


This issue can occur when your ACL setting on the Domino Directory for "Maximum Internet name and password" is less than Author. Typically the issue is resolved by increasing this setting to at least Author.

Related information

What to Know When Writing New Entries to a Domino Direc

Document information

More support for: IBM Domino

Software version: 6.5, 7.0, 8.0, 8.5

Operating system(s): AIX, IBM i, Linux, Solaris, Windows, z/OS

Reference #: 1229790

Modified date: 02 November 2009

Translate this page: