Unable to remove permission from Site Recovery manager.
search cancel

Unable to remove permission from Site Recovery manager.

book

Article ID: 417015

calendar_today

Updated On:

Products

VMware Live Recovery

Issue/Introduction

While trying to remove the permission for a group in site recovery manager below error is being displayed.

Environment

VLSR 9.X

vCenter 8.x

Cause

The roles or permissions are not allowed to delete from the SRM directly.

The roles and permissions assigned to the SRM are inherited from vCenter thus not allowing it delete directly from SRM.

dr.log snippet 

xxxx-xx-xxxx:xx:xx[srm-reactive-thread-3327] WARN  com.vmware.srm.client.sites.permissions.RemoveMultiplePermissionsDataHandler -1497768041398671055 24a78df0-xxxx-xxxx-xxxx-4c7a7dcb995c removePermissions - DrRequestHandlerError:

(vim.fault.NotFound) {
   faultCause = null,
   faultMessage = null
}
        at java.base/jdk.internal.reflect.DirectConstructorHandleAccessor.newInstance(Unknown Source)
        at java.base/java.lang.reflect.Constructor.newInstanceWithCaller(Unknown Source)
        at java.base/java.lang.reflect.ReflectAccess.newInstance(Unknown Source)
        at java.base/jdk.internal.reflect.ReflectionFactory.newInstance(Unknown Source)
        at java.base/java.lang.Class.newInstance(Unknown Source)

Resolution

The roles and permission for groups needs to be deleted/removed from the vCenter(Global permissions) that will propagate to the SRM/vSphere replication.

https://techdocs.broadcom.com/us/en/vmware-cis/vsphere/vsphere/8-0/vsphere-security-8-0/vsphere-permissions-and-user-management-tasks/managing-permissions-for-vcenter-server.html 

Powered by Wolken Software