"vmodl.fault.SecurityError" occurs when attempting to remove tags to virtual machines
search cancel

"vmodl.fault.SecurityError" occurs when attempting to remove tags to virtual machines

book

Article ID: 430790

calendar_today

Updated On:

Products

VMware vCenter Server

Issue/Introduction

Users can add the tag to virtual machines but cannot remove. 

Unable to remove tag to virtual machines failing with error 

Operation failed!

(vmodl.fault.SecurityError) {
faultCause = null,
faultMessage = null
}

/var/log/vmware/vsphere-ui/logs/vsphere_client_virgo.log shows below error message

[TIMESTAMP] [ERROR] -nio-127.0.0.1-5090-exec-235 70009251 100244 200028 com.vmware.vsphere.client.tagging.impl.TagMutationProvider        An error occurred while detaching tags java.util.
concurrent.ExecutionException: (vmodl.fault.SecurityError) {
   faultCause = null,
   faultMessage = null

 

Environment

vCenter server 8.0

Cause

The 'vpxd-extension' solution user was missing membership in the 'ServiceProviderUsers' group within the vCenter Single Sign-On (SSO) configuration.

Resolution

Utilize the 'authz-doctor' utility to identify and remediate internal SSO group membership discrepancies for solution users. 


1. Download/Run the authz-doctor tool on the vCenter Server Appliance.
2. Execute the tool to check solution users group membership using the command below

/usr/lib/vmware-vpx/scripts/authz-doctor/authz-doctor.py solution_users


3. Fixing the solution users group membership

/usr/lib/vmware-vpx/scripts/authz-doctor/authz-doctor.py solution_users --action fix
Powered by Wolken Software