Cannot assign a custom role to a user in vCenter.
search cancel

Cannot assign a custom role to a user in vCenter.

book

Article ID: 320761

calendar_today

Updated On:

Products

VMware vCenter Server

Issue/Introduction

  • A custom role was created named <custom_role> in the vSphere web client.
  • When attempting to assign the the custom role to a user named <svccustom_role> it fails with this error.

Add permission failed!

The object or item referred to could not be found.

 

  • In the vpxd log, you can see lines similar to :

<timestamp> info vpxd[19247] [Originator@6876 sub=Default opID=OpId-1588161136383-8c] [VpxLRO] -- ERROR lro-12524 -- AuthorizationManager -- vim.AuthorizationManager.setEntityPermissions: vim.fault.NotFound:
--> Result:
--> (vim.fault.NotFound) {
-->    faultCause = (vmodl.MethodFault) null,
-->    faultMessage = <unset>
-->    msg = ""
--> }
--> Args:
-->
--> Arg entity:
--> 'vim.Folder:xxxx'
--> Arg permission:
--> (vim.AuthorizationManager.Permission) [
-->    (vim.AuthorizationManager.Permission) {
-->       entity = <unset>,
-->       principal = "DOMAIN\<svccustom_role>",
-->       group = false,
-->       roleId = 0,
-->       propagate = true
-->    }
--> ]

 

  • There are no issue assigning any other roles to the same users in the vSphere web client. 

Environment

  • VMware vCenter Server 8.0
  • VMware vCenter Server 7.x

 

Cause

The vCenter Server System Role has an unknown internal naming conflict in the vCenter appliance.

Resolution

Rename custom role <custom_role>  to  anything close from  <svccustom_role>  and assign it to desired users

 

Additional Information

 

 

 

Powered by Wolken Software