The System User Pattern (proxy) is mapped to a Group that does not have enough permissions to execute the required Operation.
In order to find the root cause, the main log level needs to be increased to 0,SECURITY so that we can see what specific "Role" has been used and what permission is denied.
- Increase the Main Log Level to 0,SECURITY via UVC or via the command line
unisetvar U_LOG_LEVEL 0,SECURITY
- Then relaunch the command that fails and check the universe.log, you should see the following kind of lines that should tell you which Role / Permission is provoking the error:
|TRACE|X|IO |pid=p.t| owls_init_client | Client uxordre proxy is: [SYS] [hostname\username]
|TRACE|X|IO |pid=p.t| getSecurity | 25 security patterns available
|TRACE|X|IO |pid=p.t| IsMatchProxyFilter | System user HOSTNAME\USERNAME matches pattern */*\*
|TRACE|X|IO |pid=p.t| getSecurity | Client uxordre username on hostname.domain has 4 security roles
|INFO |X|IO |pid=p.t| o_check_security | GRANTED ACCESS: role(DUAS TST600/X Read-only) -> this is the role that corresponds to the username that launched the command
|INFO |X|IO |pid=p.t| owls_check_security | Security denied for OBJ(LAUNCH) OPER(CREATE) -> this is the operation that is denied due to the role applied