Recently worked on an upload issue and figured it was worth posting here in case anyone else ever encounters something similar.
- vCenter 6.5 build 5973321
- ESXi 6.5 build 5310538 (image profile ESXi-6.5.0-4564106-standard)
- The web browser used to upload files
- has the vCenter plugins installed (see Upgrading VMware Client Integration Plug-in to the latest version (2145066))
- must trust the certificate of the VMware Cip Message Proxy Service (https://vmware-plugin:8094/)
- must trust the certificate of all ESXi hosts that are mounting the datastore where files will be uploaded
- The vCenter account of the user who will be uploading files already has
- A role containing the privileges "Datastore > Browse datastore" and "Datastore > Low level file operations" applied to the datastore where files will be uploaded
- The "Read-Only" role applied to the host objects (propagating to children or not) that are mounting the datastore where files will be uploaded
- The user can create folders in the datastore browser
- In the vSphere Web Client (Flex UI) after choosing a file to upload, the UI refreshes but the file is not uploaded
- In the vSphere Client (HTML5) attempting to upload a file errors with the message "Failed to transfer data. For more information check out the logs."
- In the vCenter web client log (/var/log/vmware/vsphere-client/logs/vsphere_client_virgo.log) entries similar to the following appear
- [<date>] [ERROR] data-service-pool-786 70005481 100911 200867 com.vmware.vsphere.client.storage.impl.DatastorePropertyProvider Not able to acquire generic service ticket for the purpose of file transfer com.vmware.vim.binding.vim.fault.NoPermission: Permission to perform this operation was denied.
- [<date>] [ERROR] http-bio-9090-exec-3 70005482 100912 200867 com.vmware.vise.vim.http.transport.FileUploadRequestHandler Failed to transfer data to url: https://<esxi_fqdn>/folder/<folder_name>/<file_being_uploaded_name>?dcPath=ha-datacenter&dsName=<datastore_name> java.io.IOException: Error writing request body to server
- In order to transfer files to a datastore via a host, the user apparently requires the privilege "Host > Configuration > System Management" applied to the hosts mounting the datastore, NOT the "Read Only" role. The role containing the privilege "Host > Configuration > System Management" for the user does not need to propagate to the children of the host object. Hat tip to petermie and Mincho Tonev in the post User with Administrator role can't upload files to datastores for finding that.
Hope this helps someone down the line.
I have the same question (0)