Revision: 1.0
Date: 03/02/11

Problem: When regular users attempt to access their Private Password Store, they are immediately logged out with a web page error stating, “Insufficient manager permission: You are not allowed to perform this operation.”

Cause: Problematic function in the code of an ASP page.

Resolution: The behavior is easily corrected using the following steps:

ERPM
Depending on the web application configuration option for the password recovery settings that define whether or not to require a comment for password recovery, use either method that applies to your requirement for password recovery.

Open the RecoverPersonalAccount ASP file, typically located at c:\inetpub\wwwroot\pwcweb. Go to line 156 and of the file.

1) If you want to require a recovery comment for personal passwords add the "bRequireComment" line as the second line and set the value to true. You must also comment out the first line as such:

'GetIsRecoveryCommentRequired
bRequireComment = true
if bRequireComment then
else
sRecoveryComment = "No Comment"
end if


2) If you don't want to require a recovery comment for personal passwords then set the value to false:

'GetIsRecoveryCommentRequired
bRequireComment = false
if bRequireComment then
else
sRecoveryComment = "No Comment"
end if

To ensure that new website installations performed from the management console retain these edits, perform the same steps for the RecoverPersonalAccount.asp page in the installation directory typically "C:\Program Files\Lieberman\roulette
WebInterface" on 32bit systems or "C:\Program Files (x86)\lieberman\roulette\WebInterface" on 64bit systems.

RPM
Depending on the web application configuration option for the password recovery settings that define whether or not to require a comment for password recovery, use either method that applies to your requirement for password recovery.

Open the RecoverPersonalAccount ASP file, typically located at c:\inetpub\wwwroot\rpmweb. Go to line 156 and of the file.

1) If you want to require a recovery comment for personal passwords add the "bRequireComment" line as the second line and set the value to true. You must also comment out the first line as such:

'GetIsRecoveryCommentRequired
bRequireComment = true
if bRequireComment then
else
sRecoveryComment = "No Comment"
end if


2) If you don't want to require a recovery comment for personal passwords then set the value to false:

'GetIsRecoveryCommentRequired
bRequireComment = false
if bRequireComment then
else
sRecoveryComment = "No Comment"
end if

To ensure that new website installations performed from the management console retain these edits, perform the same steps for the RecoverPersonalAccount.asp page in the installation directory typically "C:\Program Files\Lieberman\RPM\WebInterface" on 32bit systems or "C:\Program Files (x86)\lieberman\RPM\WebInterface" on 64bit systems.

This issue will be corrected in versions following version 4.83.1.

Applies To: Enterprise Random Password Manager (ERPM)
Random Password Manager (RPM)