Error - "Unable to retrieve pairs from extension server at https://xxxxxx:8043. Permission to perform this operation was denied" on launching Site Recovery UI.
Article ID: 400352
Updated On:
Products
Issue/Introduction
Symptoms:
-
On launching the Site Recovery UI, following error is observed:
"Unable to retrieve pairs from extension server at https://<vsphere-replication-FQDN:8043. Permission to perform this operation was denied." -
An AD user account is used for login to vSphere Client and Site Recovery UI.
-
Only vSphere Replication appliance is deployed and no VMware Live Site Recovery.
Environment
vSphere Replication 9.0.2
Cause
- 'No Permission' error is reported in the following log:
(From /opt/vmware/support/logs/dr/dr-client.log)
Caused by: (vim.fault.NoPermission)
faultCause = null,faultMessage = null,object = ManagedObjectReference: type = HmsRemoteSiteManager, value = site-manager, serverGuid = bc67c6f0-637e-4e4b-a564-f4ecc9777128,privilegeId = HmsRemote. com. vmware. vcHms. Hms. View,missingPrivileges = (vim.fault.EntityPrivileges) [
(vim. fault. EntityPrivileges) {dynamicType = null,dynamicProperty = null,entity = ManagedObjectReference: type = HmsRemoteSiteManager, value = site-manager, serverGuid = bc67c6f0-637e-4e4b-a564-f4ecc9777128,privilegeIds = (STRING) [
HmsRemote.com.vmware.vcHms.Hms.View
Resolution
- Modify Role assigned to AD user by adding required permissions for vSphere Replication (VRM).
Steps:
-
- In vSphere Client > Click on Menu > Administration > Roles > Select the 'Role' assigned to AD user > Click on 'Edit'.
- Add following privileges to the role:
- In vSphere Client > Click on Menu > Administration > Roles > Select the 'Role' assigned to AD user > Click on 'Edit'.
-- VRM diagnostics
- Relaunch Site Recovery UI by clicking on 'Open Site Recovery' to validate no error observed.
Feedback
