Hey there I provisioned a FreeIPA instance (IPA, version: 4.10.2, dockerized) to switch from atlassian crowd. For the ldap bind in i.e. Jira I created a sysaccount and already added it to "cn=System: Change User password,cn=permissions,cn=pbac,$SUFFIX". This way users can change their password in Jira itself.
Now I want my users to be able to change their Display Name or Mail Address. Therefore I tried adding the sysaccount to "cn=System: Modify Users,cn=permissions,cn=pbac,$SUFFIX" but the changes do not get through to FreeIPA. There is no error displayed in Jira and I cannot find any hint within FreeIPA logs so far.
Do you have any advice on how to proceed from here?
Best regards Sefer