Error: You do not have enough rights to access this area of the application
Issue
Arellia Management Server (AMS) users see an error that says "You do not have enough rights to access this area of the application. Please contact an administrator to request access." This error can be easily fixed and just means that the user logged in to the console is trying to access an item they don't have access to.
Solution
To resolve the error, do the following steps:
- Log in to the server where the AMS is installed and open the Arellia Monitor to capture and view the logs from the server.
- Have the user who reported the error refresh their console and try to access the same item again.
- The Arellia Monitor will then show an error that says something like "Claims principal 05e9277b-4f48-5533-b71f-61c2f71aec5e does not have read access to 2a3f33c4-15dd-41d0-a620-889ea1e4408a via AMS Default Security Descriptor (8449e8ae-908b-4205-802b-dcc05b57d756)."
- This message tells you everything that you know. The first GUID is the GUID of the user who tried to access an item. The second GUID is the GUID of the item they tried to access. And the third GUID is the GUID of the Security Descriptor that is currently set on the item.
To fix the behavior, open the AMS and navigate to the item that the user is unable to access.
You can quickly navigate to the item by copying and pasting the GUID and using this in the URL for the console. For the log message above, the URL you would go to is http://localhost/Ams/SecurityManager#/Tasks/2a3f33c4-15dd-41d0-a620-889ea1e4408a.
- When you are viewing the item, click the icon next to the name of the item in the top right and select Properties.
- Next, click the Security tab and then change the Security Descriptor to a security descriptor that the user who triggered the message is a member of.
- Click Save.
The user will then be able to access the item immediately after refreshing the page.
Related links