Cloned "Symantec Administrators" role, after upgrade to ITMS 8.6 RU3, can't import a new SW Package.
search cancel

Cloned "Symantec Administrators" role, after upgrade to ITMS 8.6 RU3, can't import a new SW Package.

book

Article ID: 258423

calendar_today

Updated On:

Products

IT Management Suite Client Management Suite

Issue/Introduction

Cloned "Symantec Administrators" role in ITMS 8.5 RU4, after upgrade to ITMS 8.6 RU3 can't import a new SW Package because of missed permissions.

"1/22/2023 9:25:21 AM","WebApi Controller failure.

The current user 'MyDomain\Role Non Admin' does not have required permission 'read' to load item: 17ad008a-6a9e-46fa-b719-f712999b17eb
   [AeXUnauthorizedAccessException @ Altiris.NS.dll]
   at Altiris.NS.ItemManagement.Item.RaiseItemLoadFlagsSecurityException(string)
   at Altiris.NS.ItemManagement.Item.CheckCanGetItem(IItem, IEnumerable<Guid>, ItemLoadFlags)
   at Altiris.NS.ItemManagement.Item.GetItemInternal(Guid, IEnumerable<Guid>, ItemLoadFlags, out bool)
   at Altiris.NS.ItemManagement.Item.GetItemInternal(Guid, IEnumerable<Guid>, ItemLoadFlags)
   at Altiris.SoftwareManagement.SoftwareCatalogConfig.GetDefaultPackageAssignment()
   at Altiris.SoftwareManagement.SoftwareCatalogConfig.SetDefaultPackageAssignment<T>(T)
   at Altiris.SoftwareManagement.Resources.SoftwarePackageResource.CreateUnconfiguredPackage()
   at Altiris.SoftwareManagement.WebApi.Controllers.PackageController.CreateUnconfiguredPackage()
   at .lambda_method(Closure, object, object[])
   at System.Web.Http.Controllers.ReflectedHttpActionDescriptor+ActionExecutor+<>c_DisplayClass6_2.<GetExecutor>b_2(object, object[])
   at System.Web.Http.Controllers.ReflectedHttpActionDescriptor.ExecuteAsync(HttpControllerContext, IDictionary<string,object>, CancellationToken)
   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task)
   at System.Web.Http.Controllers.ApiControllerActionInvoker+<InvokeActionAsyncCore>d__1.MoveNext()
   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task)
   at System.Web.Http.Controllers.ActionFilterResult+<ExecuteAsync>d__5.MoveNext()
   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task)
   at System.Web.Http.Controllers.ExceptionFilterR

"1/22/2023 9:26:47 AM","WebApi Controller failure.

Software package '00000000-0000-0000-0000-000000000000' is not found.
   [AeXItemNotFoundException @ Altiris.SoftwareManagement.WebApi.dll]
   at Altiris.SoftwareManagement.WebApi.Controllers.PackageController.UpdatePackage(Package, AddEditPackageRequest, out PackageRepositoryManager)
   at Altiris.SoftwareManagement.WebApi.Controllers.PackageController.ImportPackage(ImportPackageRequest)
   at .lambda_method(Closure, object, object[])
   at System.Web.Http.Controllers.ReflectedHttpActionDescriptor+ActionExecutor+<>c_DisplayClass6_2.<GetExecutor>b_2(object, object[])
   at System.Web.Http.Controllers.ReflectedHttpActionDescriptor.ExecuteAsync(HttpControllerContext, IDictionary<string,object>, CancellationToken)
   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task)
   at System.Web.Http.Controllers.ApiControllerActionInvoker+<InvokeActionAsyncCore>d__1.MoveNext()
   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task)
   at System.Web.Http.Controllers.ActionFilterResult+<ExecuteAsync>d__5.MoveNext()
   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task)
   at System.Web.Http.Controllers.ExceptionFilterResult+<ExecuteAsync>d__6.MoveNext()

 

Environment

ITMS 8.6, 8.7

Cause

Item 17ad008a-6a9e-46fa-b719-f712999b17eb belongs to 'Software Catalog Configuration' item   (the UI below is visible by a true Symantec Administrator).

It was added in ITMS 8.6 release. Back in ITMS 8.5, Symantec Administrators' cloned role could not clone the "read" permissions for that item, thus there are no read permissions in ITMS 8.6.

 

Resolution

This issue has been reported to our Broadcom Development team. Unfortunately, we cannot do anything about the issue because we are not allowed to modify the custom roles. 

Workaround:

  1. Open the "Security Role Manager" page (under SMP Console, go to Settings menu>Security>Security Role Manager)
  2. Choose the affected role and add the "Software Catalog Configuration" item for this role
  3. Save changes.



Powered by Wolken Software