The caller 'NS Agent Identity' does not have permission "WRITE" (0d631690-66f8-4bc8-9edf-6bfdabf4bd61) on the specified item "Software Component: Software Component Resource Data Class" (61219b84-11d7-4002-8bc0-cd2e0202eb55)


Article ID: 192889


Updated On:


Management Platform (Formerly known as Notification Server)


The customer recently upgraded to ITMS 8.5 RU3. The main issue was the following error every time a client machine was trying to send an NSE:

Entry 1:

NSE dispatch failed for: id=192418121, from: 1b2b2cee-1fdb-4953-8ac8-26b707cda91b, to: 'Standard event capture item' (70d916e7-5096-4fab-a761-4d4eb932da7f)


Item save to DB failed: 6b29ee6a-25db-484c-85b4-379b2cb0c473, (fromClone=False, user=NS Agent Identity)

Entry 2:

The caller 'NS Agent Identity' does not have permission 0d631690-66f8-4bc8-9edf-6bfdabf4bd61 on the specified item 61219b84-11d7-4002-8bc0-cd2e0202eb55
   [Altiris.NS.Exceptions.AeXSecurityException @ Altiris.NS]
   at Altiris.NS.Security.ItemPermission.Demand(Guid entity, Guid permission, Boolean throwIfNotGranted)
   at Altiris.Resource.ResourceDataTable.Save()


The referenced item "61219b84-11d7-4002-8bc0-cd2e0202eb55" is "Software Component: Software Component Resource Data Class".
NS Agent Identity is trying to get this permission "0d631690-66f8-4bc8-9edf-6bfdabf4bd61", which is "Data Class Write".



Known issue. This account never had write rights for this resource.


ITMS 8.5 RU3


This issue has been fixed in ITMS 8.5 RU4 release.

The current workaround for this issue is:

  • Open Security Role Manager (under SMP Console> “Settings > Security > Security Role Manager”
  • Select the “Symantec Administrators” roll in the top box.
  • From the dropdown box labeled “Views:” select “Settings”
  • Click on the tool (eye glasses icon)    at the top of the box in order to see all Hidden Items.
  • Navigate down to "Settings > Notification Server > Resource and Data Class Settings > Data Classes > Software Management > Software Component"
  • In the right pane, in the lower right corner, select the "Advanced" button.
  • If the "NS Agent Identity" account is not in the list of trustees with "Read" and "Write" permissions then click the "Add" icon.
  • From the "Group:" dropdown box select "Accounts"
  • Select "NS Agent Identity" from the list
  • Once added select the newly added account and check the "Read" and "Write" box in the "Permissions for:" section.
  • Save.

Note: In case you still get the same error even after making sure "Read" and "Write" are selected:
under "Resource Management Permissions", grant:

  • Write Resource Association
  • Write Resource Data