You are now prompted to enter an administrator username and password. Directory Server must be able to verify this user when the security manager has been removed from the list. That is, where there are other security managers in the list, the user account must either exist in at least one of those security managers. Where there are no other security managers in the list, Directory Server will use its legacy security model, and the user must be defined within that model.
If Directory Server cannot verify the user, the security manager will not be removed.
and
If appropriate credentials are not supplied or are not valid, the changes will not be applied.