We help IT Professionals succeed at work.

[VMware] How to Restore a Role to a VM?

Experts,

So, that quirky thing vCenter web client does when you think you're making a change to what you have highlighted, but it's actually targeting something else, got me. So, I created a Role in the Permissions tab and attached it to a VM for testing. I deleted that Role, I thought, except it appears I maybe deleted which ever one gave me permission to Edit the VM. I'm currently locked out of it.

"You do not have permission to view this object or this object does not exist," is what I'm left with...

I don't have any snapshots of this VM, either. Is it possible to restore whatever it was I accidentally deleted?

Thanks!
Comment
Watch Question

SeanSystem Engineer
CERTIFIED EXPERT

Commented:
Did you remove administrators group from the VM? You'll probably need to log in as root to add administrators back.
Michael LPr. Sysadmin

Author

Commented:
I'm not sure what was deleted, but I'm not too sure that was it now... I added the same Role, without deleting any other, to another VM. I'm locked out of that, too. That was one I created for Citrix and is pictured here. I assigned it to Adminstrator one one VM and Administrators to this other one.
Michael LPr. Sysadmin

Author

Commented:
Ok, so... I relogged because I couldn't remember the root credentials and I can now edit them again. I never removed any roles, or whatever. Sorry for wasting your time, Sean, but thank you for your speedy response.
SeanSystem Engineer
CERTIFIED EXPERT

Commented:
Always happy to help.
Michael LPr. Sysadmin

Author

Commented:
Sean, actually, I can't Edit either permissions. I don't know what happened, but by me adding this XenApp Service role I created, it usurped:

VSPHERE.LOCAL\Administrator | Administrator | 10.10.9.10

Instead of the above, which is what all my VMs have, these two have:

VSPHERE.LOCAL\Administrator | XenApp Service | This object and its children

So, still in some trouble :P
SeanSystem Engineer
CERTIFIED EXPERT

Commented:
Are you able to directly add the admin account to the permissions and not use roles?
Michael LPr. Sysadmin

Author

Commented:
Add Permissions is grayed out.
System Engineer
CERTIFIED EXPERT
Commented:
You may just need to manually edit the permissions file in esxi

From VmWare's webiste:

Connect to the ESX host's service console via SSH or local console.

Note: ESXi connection to the local console is made using the "unsupported mode"
Open this file in a text editor :
/etc/vmware/hostd/authentication.xml

Note: In ESX4.1 and later the file name is authorization.xml

Change the existing value of the <ACEDataRoleId> </ACEDataRoleID> to -1.
After editing this file, save it and restart the management agents on the host or reboot the host.

https://kb.vmware.com/s/article/1031192
Michael LPr. Sysadmin

Author

Commented:
I'll give this a shot tomorrow morning, when my brain is fresh. Thanks again. I'll let you know how it goes.
Michael LPr. Sysadmin

Author

Commented:
Sean, thanks! This'll work.

Explore More ContentExplore courses, solutions, and other research materials related to this topic.