vCenter 4.1 - Permission issue.

spoonuk · ‎05-04-2011

To start with - very annoyed this has happened.

I have 3 data centres configured in vCenter at the top level. I've been trying to assign permissions to one of them to a AD group [two users which haven't been assigned before] giving access to that data centre only. So Administrators access was given but that somehow removed access to other groups which I use [and are a member of]

At the moment I cannot login unless I add myself to the above group which still limits me to one data centre.

What the heck happened there and how do I revert this?

I appreciate your help.

Ta,

Adrian

a_p_ · ‎05-04-2011

Depending on what's causing the permission issue, modifying the vCenter database directly to regain access may help.

see http://kb.vmware.com/kb/1005680

André

spoonuk · ‎05-04-2011

My issue is slightly different i.e. no access rule as opposed to read-only. Still, I think looking at the database and deleting the evil record is the only way forward.

At the moment I’m checking what will happen if I remove to offending group all together from AD – hopefully this will wipe the no access permission from VC DB.

Anyone else got any other suggestions?

/EDIT

As kinda expected, deleting the AD group doesn't do much. Database edit time.

hicksj · ‎05-10-2011

spoonuk wrote:
What the heck happened there and how do I revert this?
...
My issue is slightly different i.e. no access rule as opposed to read-only.

Sounds like you applied a no access rule at the root of vCenter, not just permissions for this new group at the one Data Center. Is that correct?

Based on the info you provided, there's no reason for a no access rule. What were you trying to accomplish with that? You have to be very careful when applying no access, as it overides all other permissions.

All

vCenter 4.1 - Permission issue.