SCVでvCenterユーザを使用してストレージ接続を追加すると、500内部エラーで失敗する
環境
- SnapCenter Plug-in for VMware(SCV)4.3以降
- vCenterのオブジェクト権限に制限があります
問題
vCenterの完全な管理者ではなく、1つのクラスタに制限があるvCenterユーザが、一部のデータストアとVMのみをSCVプラグインセクションで追加しよう原因 とすると、vCenter GUIで次のエラーが発生することがあります。
HTTP 500 Internal error
次に、SCVのvmcontrolログを示します。
DEBUG --- [qtp474675244-12] .a.p.VSphere5PrivilegeValidationStrategy : CurrentSession: com.vmware.vijava.vim25.UserSession@1eecaa37
DEBUG --- [qtp474675244-12] .a.p.VSphere5PrivilegeValidationStrategy : Key: 524fb012-17d0-084f-5cbd-e1fdb6aa23e6
DEBUG --- [qtp474675244-12] .a.p.VSphere5PrivilegeValidationStrategy : managedEntity.getMOR().getVal() group-d1
DEBUG --- [qtp474675244-12] .a.p.VSphere5PrivilegeValidationStrategy : sessionId 524fb012-17d0-084f-5cbd-e1fdb6aa23e6
DEBUG --- [qtp474675244-12] .a.p.VSphere5PrivilegeValidationStrategy : privilegeIds netappSCV.Configure.ConfigureStorageSystems.AddUpdate
ERROR --- [qtp474675244-12] .a.p.VSphere5PrivilegeValidationStrategy : null
com.vmware.vijava.vim25.NoPermission
at sun.reflect.GeneratedConstructorAccessor379.newInstance(Unknown Source)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
at java.lang.reflect.Constructor.newInstance(Constructor.java:423)
at java.lang.Class.newInstance(Class.java:442)
at com.vmware.vijava.vim25.ws.XmlGenDom.fromXml(XmlGenDom.java:222)
at com.vmware.vijava.vim25.ws.XmlGenDom.parseSoapFault(XmlGenDom.java:146)
at com.vmware.vijava.vim25.ws.XmlGenDom.fromXML(XmlGenDom.java:92)
at com.vmware.vijava.vim25.ws.WSClient.invoke(WSClient.java:93)
at com.vmware.vijava.vim25.ws.VimStub.hasPrivilegeOnEntity(VimStub.java:204)
at com.vmware.vijava.vim25.mo.AuthorizationManager.HasPrivilegeOnEntity(AuthorizationManager.java:79)
at com.netapp.aegis.privilege.VSphere5PrivilegeValidationStrategy.hasPrivileges(VSphere5PrivilegeValidationStrategy.java:71)
at com.netapp.aegis.privilege.AbstractVSpherePrivilegeValidator.hasPrivileges(AbstractVSpherePrivilegeValidator.java:67)
at com.netapp.aegis.privilege.PrivilegeValidationServiceImpl.hasPrivilegeOnEntities(PrivilegeValidationServiceImpl.java:137)
at com.netapp.aegis.privilege.AegisPrivilegeValidator.hasPrivileges(AegisPrivilegeValidator.java:437)
at com.netapp.aegis.server.AegisApiServiceImpl.hasPrivilegeCheckOnRootFolder(AegisApiServiceImpl.java:1983)
at com.netapp.aegis.restapi.BackupRecoveryApiServiceImpl.hasPrivilegeCheckOnRootFolder(BackupRecoveryApiServiceImpl.java:1364)