I'm trying to create a snapshot using the power cli
I added the relevant permissions (i think) to a user (from different domain). I can get lists for example: get-vm is working.
The issue is when I'm trying to create a snap shot I get the following error:
New-Snapshot : 2/18/2016 4:35:53 PM New-Snapshot Permission to perform this operation was denied. Required privilege 'VirtualMachine.State.CreateSnapshot'
on managed object with id 'VirtualMachine-vm-2566'.
At line:1 char:27
+ Get-VM -Name $computer | New-Snapshot -Name "BeforePatch" -Description "Before ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [New-Snapshot], NoPermission
+ FullyQualifiedErrorId : Client20_VMServiceImpl_CreateSnapshot_ViError,VMware.VimAutomation.ViCore.Cmdlets.Commands.NewSnapshot
I also try to change the permission to Administrator to the user and I still get this error which is very wired.
the permissions on the role:
Name Description
---- -----------
Anonymous The only privilege held by sessions which have
View Visibility without read access to an entity. Th
Read Grants read access to an entity
Create snapshot Create a snapshot
Revert to snapshot Make a snapshot current
Remove Snapshot Remove a snapshot
Rename Snapshot Rename a snapshot
Any idea?
Can you create the snapshot with that same account from the Web Client ?
Are you saying that you gave the principal the Administrator role, and the message was still there ?
Not sure what you mean by "permission to Administrator", do you mean the role ?
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
Hi LucD,
I have vsphere 5.5 U2
I also tried to check this in the web client with the same issue.
I also try to check that the user (from another domain using sso) is not appear in other roles.
Permission to Administrator = change to role Adminstrator
A wild guess, could that user be (or have been) a member of the local Administrators group on the vCenter ?
Does this only occur with that specific account ? Or with others that have the Administrator role ?
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
this user is not a member in the Administrators
This occur only in that user
to workaround this I created a user in the domain that the VCenter server is aa member and then The Admin role works.
Very wired the user from another domain is has this issue.
Do other users from that other domain have the same issue ?
Did you add that other domain to the Default Domains ?
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
For my user for example I don;t have this issue
This Domain is not the default