Hi,
While I am trying to start a VM from Power Cli, it gives below error message. I can start that VM from Vi Client. I am not admin but I have rights to power on / off rights in virtual center.
******************************************************************
Get-VM Unsufficient permissions. You need 'System.Read' privileges to complete the requested operation.
At line:1 char:7
+ Get-VM <<<< servername | Start-VM
+ CategoryInfo : InvalidArgument: (VirtualMachine-vm-1872:Managed
ObjectReference) [Get-VM], NoPermission
+ FullyQualifiedErrorId : Client20_QueryServiceImpl_RetrieveProperties_Not
Permission,VMware.VimAutomation.ViCore.Cmdlets.Commands.GetVM
Get-VM : 4/13/2011 5:16:33 PM Get-VM VM with name servername' was
not found, using the specified filter(s).
At line:1 char:7
+ Get-VM <<<< servername | Start-VM
+ CategoryInfo : ObjectNotFound: (:) [Get-VM], VimException
+ FullyQualifiedErrorId : Core_OutputHelper_WriteNotFoundError,VMware.VimA
utomation.ViCore.Cmdlets.Commands.GetVM
*********************************************************************
Thanks,
Naresh Sharma
From the message it looks as if you have no permissions whatsoever on that VM.
The System.Read privilege is a privilege that can not be assigned but that is added to all roles that have some privileges.
Perhaps you can do a
Get-VM ITSUSMPW00015 | Get-VIPermission
to check what permissions are assigned to that VM
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
I ran this command to get the permission details but it also didn't work with same error code.
**********
[vSphere PowerCLI] C:\Program Files\VMware\Infrastructure\vSphere PowerCLI> Get-
VM servername | Get-VIPermission
Get-VM : 4/13/2011 7:22:28 PM Get-VM Unsufficient permissions. You ne
ed 'System.Read' privileges to complete the requested operation.
At line:1 char:7
+ Get-VM <<<< servername | Get-VIPermission
+ CategoryInfo : InvalidArgument: (VirtualMachine-vm-1872:Managed
ObjectReference) [Get-VM], NoPermission
+ FullyQualifiedErrorId : Client20_QueryServiceImpl_RetrieveProperties_Not
Permission,VMware.VimAutomation.ViCore.Cmdlets.Commands.GetVM
Get-VM : 4/13/2011 7:22:28 PM Get-VM VM with name 'servername' was
not found, using the specified filter(s).
At line:1 char:7
+ Get-VM <<<< servername | Get-VIPermission
+ CategoryInfo : ObjectNotFound: (:) [Get-VM], VimException
+ FullyQualifiedErrorId : Core_OutputHelper_WriteNotFoundError,VMware.VimA
utomation.ViCore.Cmdlets.Commands.GetVM
**************************
It looks as if you have no privileges whatsoever at least on that specific VM.
Is that the same on the rest of the VMs in your vCenter ?
Does this return anything ?
Get-Datacenter | Get-VIPermission
Did you do the Connect-VIServer with the same account as the one you use to connect to the vSphere Client ?
Can you eventually try with another account and run the PowerCLI cmdlet again ?
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
I ran this command and got below result. ( I cannot show actual data for security reason, I have renamed role and group name )
*****************
EntityId Role Principal IsGroup Propagate
-------- ---- --------- ------- ---------
Datacenter-datace... windows admin ntgroup... False True
*************
I am not administrator of virtual center. I am part of nt group which has assigned Role in virtual center to create/delete/poweroff/poweron VMs. I tried to see the properties of that role in which my nt group assigned but it's disabled so I cannot see what accesses are given to this role.
However as I said, I can create/delete/poweroff/poweron all VMs. I tried to start different VM but same error and also tried different account which is also part of that role but no luck.
Since you can display the permissions on the datacenter your permissions are ok for that node in the vCenter.
For the specific VM(s) you seem to be missing any permission.
See Steve Jin's post called Difference of Two Common Privileges in vSphere API for a description how the system.read privilege gets assigned.
Note that the actual privileges you get on an object is the combination of all permissions that apply to your account.
If there is more than one permissions that applies, the most restrictive one will be used.
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
I am new to Power CLI and Virtual Center. Not sure how to resolve this.
Thanks