VMware VirtualCenter Server service starts then fails with the log error: Failed to add default permission: permission already exists
search cancel

VMware VirtualCenter Server service starts then fails with the log error: Failed to add default permission: permission already exists

book

Article ID: 310829

calendar_today

Updated On:

Products

VMware vCenter Server

Issue/Introduction

Symptoms:
  • VMware VirtualCenter Server service starts, then fails immediately.
  • The vpxd log contains these error messages:

    [2009-01-05 19:36:37.130 'App' 12216 verbose] [Vdb::Connection::Record] Recording (27c2b88:0) update vpx_sequence set id = ? where name = ?
    [2009-01-05 19:36:37.130 'App' 12216 verbose] [Vdb::Connection::Record] Recording (27c2a38:0) INSERT INTO VPX_ACCESS (ID, PRINCIPAL, ROLE_ID, ENTITY_ID, FLAG) VALUES (?, ?, ?, ?, ?)
    [2009-01-05 19:36:37.130 'App' 12216 error] Failed to add default permission: permission already exists
    [2009-01-05 19:36:37.130 'App' 12216 error] Cannot start authorize - system has no access rules
    [2009-01-05 19:36:37.146 'App' 12216 error] [Auth] Failed to initialize: <Authorize Exception>
    [2009-01-05 19:36:37.146 'App' 12216 error] Failed to initialize security
    [2009-01-05 19:36:37.146 'App' 12216 info] Shutting down VMware VirtualCenter...
    [2009-01-05 19:36:38.146 'App' 12216 info] [VpxdServer] Exit done.


Environment

VMware vCenter Server 5.1.x
VMware vCenter Server 4.1.x
VMware vCenter Server 5.0.x
VMware VirtualCenter 2.5.x
VMware vCenter Server 4.0.x

Cause

This issue occurs when the default role is changed from Administrator to Virtual Machine User.

On startup, vCenter Server tries to insert the default role for the Administrators. The routine fails and VirtualCenter Server Service stops because the record for Administrators already exists in the database.

Resolution

Caution: This steps in this article deal with SQL database operations. VMware recommends that you are familiar with database concepts and have adequate backups before proceeding. If you are unsure of performing these operations, contact VMware Support for further assistance. For more information, see Filing a Support Request in Customer Connect (2006985).
To resolve this issue, update the ROLE_ID for Administrators:
  1. Log in to SQL 2005/2008 using the SQL Management Studio.
  2. In the SQL Management Studio select New Query and run this query against the existing vCenter Server database:

    Select * from vpx_access

  3. In the VPX_ACCESS table, check if ROLE_ID for Administrators is set to -1. If it is not set to -1, change the value to -1. To change this value, right-click the VPX_ACCESS table and select the Edit Top 200 Rows option.
  4. Restart the VMware VirtualCenter Server service. For more information, see Stopping, starting, or restarting vCenter services (1003895).


Additional Information

How to stop, start, or restart vCenter Server services
How to file a Support Request in Customer Connect
VMware VirtualCenter Server サービスが、次のログ エラーで停止する: Failed to add default permission: permission already exists
VMware VirtualCenter Server 服务启动后失败并出现日志错误:无法添加默认权限: 权限已存在

Powered by Wolken Software