Permissions problems with linked VCs after VCSA migration

This post was originally published on this site

Hi,

 

We have just migrated/upgraded 2, linked mode, Windows 6.0 vCenters to 6.7 VCSAs. Everything seemed to go OK during the migrations but now they are complete there seems to be some problem with the trust or sharing of credentials between the 2 VCSAs. They still see each other as linked and VCSA ‘A’ is visible at the top level from VCSA ‘B’ and vice-versa. However attempting to expand the tree of the opposing site from either A or B gives the ‘You have no priviliges to view this object or it does not exist’ error message. This occours if we are logged in to either site and attempting to view the other and we get the same problem if we are logged in as ‘administrator@vsphere.local’ or if we are logged in as any AD account that should have the permissions to do this.

 

I.e. AD account ‘X’ is able to log in to both VCSA ‘A’ and VCSA ‘B’ and can explore the ‘local’ VCSA in full but can’t view ‘A’ from ‘B’ and can’t view ‘B’ from ‘A’.

 

We can however see recent tasks intitated at either site, e.g. if we delete a VM snapshot at site ‘A’ (using VCSA ‘A’) and site ‘B’ (using VCSA ‘B’) then the recent tasks pane is populate with both tasks and in both VCSAs.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.