When boot-strapping the access control system of a server using LDAP authorization you need to create the initial role.

This is allowed by virtual of modifying the localhost exception to allow role creation of the roles retrieved for a user authenticated to the LDAP server.

If the role creation fails we should provide an informative error message stating which roles the user is allowed to create.