Error "401 Unauthorized" is received and the user cannot login to vCenter Server
Article ID: 400110
Updated On:
Products
VMware vCenter Server
Issue/Introduction
- When a user doesn't have permission to log in to vCenter Server's GUI (the vSphere Client), the log in will fail, and a message similar to the below error is thrown:-
Unable to login because you do not have permission on any vCenter Server systems connected to this client - Additionally, the "
401 Unauthorized" messages can be seen in the websso logs (/var/log/vmware/sso/websso.log) of the vCenter.
Environment
- vCenter Server 7.x
- vCenter Server 8.x
Cause
- Access to a vCenter Server requires permissions on the root vCenter Server object and the specific datacenter object in the vSphere Client inventory.
- This error typically occurs when a user lacks permissions at the vCenter Server root level or when permissions fail to propagate down to the Datacenter object level.
Resolution
- Log in to the vSphere Client using an account with administrative privileges
- Select vCenter object from the inventory.
- Click the Permissions tab.
- Click Add Permission (+).
- Enter the user that needs permissions added.
- Select a role for the user depending on what permissions they require. (NOTE: assigning the "No access" role will prevent the user from logging in, as long as the account does not have any other role already assigned to it).
- Select the datacenter object from the inventory and repeat steps 3 through 6.
Feedback
Yes
No
Powered by
