...
Issue
Arellia Management Server (AMS) users see an error that says "You do not have enough rights to access this area of the application. Please contact an administrator to request access." This error can be easily fixed and just means that the user logged in to the console is trying to access an item they don't have access to.
Solution
To resolve the error, do the following steps:
- Log in to the server where the Arellia Management Server AMS is installed and open the Arellia Monitor to capture and view the logs from the server.
- Have the user who reported the error , refresh their console and try to access the same item again.
- The Arellia Monitor will then show an error that says something like "Claims principal 05e9277b-4f48-5533-b71f-61c2f71aec5e does not have read access to 2a3f33c4-15dd-41d0-a620-889ea1e4408a via AMS Default Security Descriptor (8449e8ae-908b-4205-802b-dcc05b57d756)."
- This message tells you everything that you know. The first Guid GUID is the Guid GUID of the user who tried to access an item. The second Guid is GUID is the Guid of GUID of the item they tried to access. And the third Guid is GUID is the Guid of GUID of the Security Descriptor that is currently set on the item.
To fix the behavior, open up the Arellia Management Server AMS and navigate to the item that the user is unable to access.
Info You can quickly navigate to the item by copy copying and pasting the Guid GUID and using this in the URL for the console. For the log message above, the URL you would go to is http://localhost/Ams/SecurityManager#/Tasks/2a3f33c4-15dd-41d0-a620-889ea1e4408a.
- Once When you are viewing the item, click on the icon next to the name of the item in the top right and select Properties Properties.
- Next, click on the Security tab and then change the Security Descriptor to a security descriptor that the user who triggered the message is a member of.
- Click Save the changes.
The user will then be able to access the item immediately after refreshing the page.
Related
...
links