search cancel

The current user NS Agent Identity does not have required permission read to load item: (714d2100-8c0b-4e61-a197-1e2937bddfa8~)

book

Article ID: 163032

calendar_today

Updated On:

Products

IT Management Suite

Issue/Introduction

At some point, usually after an upgrade, or the installation of a HF release, an error similar to the following started being thrown in the SMP logs every time a CEM client submitted an NSE file containing file based inventory.

 

Source: Altiris.NS.ResourceManagement.DataClassImporter.LoadInventory

Description: Failed to load inventory.

The current user 'NS Agent Identity' does not have required permission 'read' to load item:  Software Key Executable (714d2100-8c0b-4e61-a197-1e2937bddfa8~) [Altiris.NS.Exceptions.AeXUnauthorizedAccessException @ Altiris.NS]

   at Altiris.NS.ItemManagement.Item.RaiseItemLoadFlagsSecurityException(String message)

   at Altiris.NS.ItemManagement.Item.CheckCanGetItem(IItem item, IEnumerable`1 accessPermissions, ItemLoadFlags itemLoadFlags)

   at Altiris.NS.ItemManagement.Item.GetItemInternal(Guid itemGuid, IEnumerable`1 accessPermissions, ItemLoadFlags itemLoadFlags, Boolean& cacheHit)

   at Altiris.NS.ItemManagement.Item.GetItemInternal(Guid itemGuid, IEnumerable`1 accessPermissions, ItemLoadFlags itemLoadFlags)

   at Altiris.NS.ItemManagement.Item.GetItem[T](Guid itemGuid, IEnumerable`1 accessPermissions, ItemLoadFlags itemLoadFlags)

   at Altiris.NS.ResourceManagement.DataClassImporter.InventoryLoader.ReadDataClassItem(CodeProfiler cp)

   at Altiris.NS.ResourceManagement.DataClassImporter.InventoryLoader.ServeNoneToDataClassNode(CodeProfiler cp)

   at Altiris.NS.ResourceManagement.DataClassImporter.InventoryLoader.Load(CodeProfiler cp)

   at Altiris.NS.ResourceManagement.DataClassImporter.LoadInventory(XmlReader reader, Boolean bProcessData, Boolean bForceSchemaValidation, Guid resourceGuidOverride)

The current user 'NS Agent Identity' does not have required permission 'read' to load item:  Software Key Executable (714d2100-8c0b-4e61-a197-1e2937bddfa8~)

Cause

As per the log—the “read” permission to the “Software Key Executable” data class was lost.

 Note:  This particular data class is not located in the normal folder structure that organizes data classes. It is a hidden data class found under “Filters > ITMS Management Views Filters”

 

Resolution

Perform the following steps.

Note: If the error is showing on multiple servers in a hierarchy then perform this on the Parent SMP and run a replication cycle.

  • Open Security Role Manager “Settings > Security > Permissions”
  • Select the “Symantec Administrators” roll in the top box.
  • From the dropdown box labeled “Views:” select “Resources”
  • Click on the tool (eye glasses icon)    at the top of the box in order to see all Hidden Items.
  • Navigate down to "Filters > ITMS Management Views Filters > Software Key Executable"
  • In the right pane, in the lower right corner, select the "Advanced" button.
  • If the "NS Agent Identity" account is not in the list of trustees with "Read" permissions then click the "Add" icon.
  • From the "Group:" dropdown box select "Accounts"
  • Select "NS Agent Identity" from the list
  • Once added select the newly added account and check the "Read" box in the "Permissions for:" section.
  • Save.

 

Attachments