- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I'm trying to create more limited permissions in our vcenter environment, but every role I assign my users to, none of them have console permissions and receive the below:
A server error occurred.
Unable to connect to MKS: Permission to perform this operation was denied.
Check the vSphere Client server logs for details.
My role is as follows:
The only role that works is administrator.
vsphere_client_virgo.log is not showing me much, beside me getting a lot of the following:
[2018-12-11T20:25:01.863Z] [INFO ] e-console-message-pool-79825 c.vmware.vise.vim.commons.mks.tomcat.RemoteConsoleMessageInbound Encountered EOF character, sleeping for 100 ms.
[2018-12-11T20:25:01.863Z] [INFO ] e-console-message-pool-15192 c.vmware.vise.vim.commons.mks.tomcat.RemoteConsoleMessageInbound Encountered EOF character, sleeping for 100 ms.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi
Unable to connect to MKS: Permission to perform this operation was denied.
LinkedIn: http://www.linkedin.com/in/dcodiego
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Diego, unfortunately that's not it. I've tried that permission on the host itself, same result.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Did you check your firewall?
LinkedIn: http://www.linkedin.com/in/dcodiego
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
It works if I grant them the administrator role. It stops working when I put them in any other role, including No-Cryptography administrator all the way down to console only.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Do the user have permissions to run and install plugins on machine from whcih they are trying to access MKS....
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Yes. I can replicate this behavior myself.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Bumping for visibility, can't wrap my head around this?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Mohamed of the VMware Support team found the answer for me.
Because majority of my VMs are encrypted, the encryption policies are all now different. When a VM is encrypted, Administrator role is the only one that has all the Cryptography settings selected in roles, and the ONE setting you need to view the console is the following:
Cryptography Administrator > Direct Access
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thanks a lot. This worked for me to get vmrc access back after enabling vTPM.
Cryptography Administrator > Direct Access
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
In VCSA 7 the nessecary setting is to be found here:
After applying that VMRC and WebConsole are accessible again.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Even after 5 years, THIS is the Solution for Windows 2022 Encrypted VM
Thanks a lot !
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Confirmed again, in 2023! This is also the solution for a Windows 10 VM that had a vTPM added (vCenter and Hosts on 7.0U3). After we added the vTPM, the web console said "Unable to connect to MKS. Permission to perform this operation was denied." We had to add the permission detailed above to the correct role our admins were in to restore console access. Worked great. I wish that permission was a bit clearer in its description.