"Permission Denied" error when creating new replications in Cloud Director Availability 4.x
Article ID: 315021
Updated On:
Products
VMware Cloud Director
Issue/Introduction
Symptoms:
- When creating an On-Premises to Cloud protection or migration in Cloud Director Availability 4.x, the task fails and you see an error similar to:
Permission Denied
- In the Settings view of the Cloud Director Availability On-Premises Portal, the Allow access from Cloud site setting is set to No.
- In the /opt/vmware/h4/replicator/log/replicator.log file on the on-premise appliance, you see messages similar to:
2023-08-30 19:19:32.878 ERROR - [UI-2d36083d-1c8f-4675-b7ac-261c4967d284-r30286-ZK-8y-nn-6T] [job-3] c.v.h.r.s.onprem.OnPremTokenManager : Unknown token PxJp...vaQ=
2023-08-30 19:19:32.878 ERROR - [UI-2d36083d-1c8f-4675-b7ac-261c4967d284-r30286-ZK-8y-nn-6T] [job-3] com.vmware.h4.jobengine.JobExecution : Task 932ce4dc-69dd-43a4-82b1-a098d8f15717 (WorkflowInfo{type='setupSource', resourceType='replication', resourceId='H4-d881ddb1-5d64-4047-99a5-08de49c06304', isPrivate=false, resourceName='null'}) has failed
com.vmware.h4.api.error.exceptions.PermissionDeniedException: Permission denied.
at com.vmware.h4.replicator.services.onprem.OnPremTokenManager.validateToken(OnPremTokenManager.java:251)
...
Environment
VMware Cloud Director Availability 4.x
Cause
When the Allow access from Cloud setting is disabled, a token is used to manage access to the On-Premises site from the paired Cloud site. This issue can occur if there are delays during the setup tasks in the Cloud site infrastructure, the timeout on the token can be exceeded and the interaction becomes invalidated.
Resolution
To resolve this issue, investigate and correct the cause of the configuration delays in the Cloud site.
Workaround:
If the cause of the delays cannot be determined or corrected, work around this issue by repairing the On-Premises site with the Cloud site to enable the Allow access from Cloud setting. For more information see the Repair with a remote site section of the Cloud Director Availability documentation.
Workaround:
If the cause of the delays cannot be determined or corrected, work around this issue by repairing the On-Premises site with the Cloud site to enable the Allow access from Cloud setting. For more information see the Repair with a remote site section of the Cloud Director Availability documentation.
Feedback
Yes
No
Powered by
