maqsood wrote:

> we have tested the initiator rights from LDAP browser and can
> confirm that "initiator" can read the attributes, but form the workflow
> UI forms , it looks like the only way to make it work is to give
> "PUBLIC" user rights.


How about an LDAP trace to find out how UA authenticates exactly in your setup?
If that shows an anonymous bind, work out why and fix it. If it's an
authenticated bind you know whom to give the required rights.

--
http://www.is4it.de/en/solution/iden...ss-management/

(If you find this post helpful, please click on the star below.)