When trying to create or edit an asset such as a computer, the error "Server Error in 'Altiris/AssetContractCommon' Application" occurs. Or, other errors may occur, such as when trying to save an asset, for example, "<data class> cannot be null." This prevents the asset from being able to be created or edited.
Server Error in 'Altiris/AssetContractCommon' Application.
Insufficient permissions for data classes in the custom security role.
Note: This article is primarily applicable to when the user is in a custom security role and this issue occurs. If this occurs in an out of box security role, instead refer to the following article:
Error "Server Error in 'Altiris/AssetContractCommon' Application" occurs when trying to create or edit an asset such as a Computer
About custom security roles
It can be very complicated and problematic to create a working custom security role for users to have limited access to edit assets. This is because when setting up a custom security role, appropriate permissions must be granted to the data classes that are expected to be in the resources to be used by the user's in the custom security role. The user must understand how to create and manage a custom security role therefore, which can be a very time consuming, complex process. Important Note: It is beyond the scope of this article and Symantec Technical Support to explain in detail or troubleshoot a customer's custom security role in-depth as this is considered a Consulting request. Symantec Technical Support furthermore does not have any extensive documentation on how to create custom security roles, especially those that are designed for specific purposes in mind. It may therefore be unlikely to be able to pinpoint what permissions need to be changed to fix the issue, without the user going through trial-and-error by turning permissions on and off, experimenting with their custom security role as necessary.
Additional concerns are:
Best practices in creating a new custom security role
It is strongly recommended to find an out of box security role that is close to what the user wants, clone it, and then reduce its permissions so that it ends up being what the user wants. It is far more difficult to create a new custom security role from scratch, which will very likely end up seeing the issue described in this article. For example, clone the CMDB Manager's security role, then, change its permissions to meet the restrictions that are desired to be given to the users in that custom security role.
A compromise is to simply add the user to both the CMDB Manager and Asset Manager security roles, which should give permissions to do most tasks. Or if creating a custom security role becomes too problematic, the user may need to consider simply placing the user in the Symantec Administrator's role to ensure they have the permissions necessary.
Troubleshooting a custom security role