While accessing the Symantec Management Console as a restricted user, and going to Resource Manager > Server Resource Manager Home, a server error occurs for the Computer Summary and Disks Space Utilization web parts.
Server Error in '/Altiris/ServerManagementSuite' Application.
The current user does not have required permission 'read' to load item 'd32db857-53f0-4fe8-81cf-7c25935c621e'.
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.
Exception Details: Altiris.NS.Exceptions.AeXUnauthorizedAccessException: The current user does not have required permission 'read' to load item 'd32db857-53f0-4fe8-81cf-7c25935c621e'.
An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.
[AeXUnauthorizedAccessException: The current user does not have required permission 'read' to load item 'd32db857-53f0-4fe8-81cf-7c25935c621e'.]
Altiris.NS.ItemManagement.Item.RaiseItemLoadFlagsSecurityException(String message) +522
Altiris.NS.ItemManagement.Item.CheckCanGetItem(IItem item, IEnumerable`1 accessPermissions, ItemLoadFlags itemLoadFlags) +392
Altiris.NS.ItemManagement.Item.GetItemInternal(Guid itemGuid, IEnumerable`1 accessPermissions, ItemLoadFlags itemLoadFlags) +889
Altiris.NS.ItemManagement.Item.GetItem(Guid itemGuid, IEnumerable`1 accessPermissions, ItemLoadFlags itemLoadFlags) +54
Altiris.NS.ItemManagement.Item.GetItem(Guid itemGuid) +85
Altiris.NS.ItemManagement.Item.GetItem(Guid itemGuid) +44
Altiris.ServerManagementSuite.Web.DataSourcePage.GetDataSource(Guid dataSourceId) +31
Altiris.ServerManagementSuite.Web.DataSourcePage.OnPreRender(EventArgs e) +391
System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +3394
Version Information: Microsoft .NET Framework Version:2.0.50727.4952; ASP.NET Version:2.0.50727.4955
This error occurs due to a lack of proper handling of missing permissions. Instead of displaying a Symantec, "Access Denied", error, this web exception occurs.
There is a hidden reports folder that the associated Security Role (that of which the restricted user is a member of) needs Read permissions to. If permissions to the root of Reports has been removed for this Security Role in the Security Role Manager, the necesssary permissions for this hidden folder will not exist.
This is a known issue and has been submitted to development. This article will be updated when this defect is resolved in a future release.
Note: The following workaround is provided on a "use at your own risk" basis. Symantec recommends backing up your database prior to making any changes directly in SQL
Unhide the hidden reports folder, Server Management Suite, by running the following SQL script in Microsoft SQL Server Management Studio against the CMDB:
update Item set [Attributes] = '18' where [Guid] = '6F127B0C-480A-4D61-86CE-2BFE8017AA32'
In the Security Role Manager, choose the associated Security Role from the Role: drop-down menu
In the View: drop-down menu, choose Reports, then the pencil icon for Edit
Enable the checkbox for Reports > Server Management Suite, Save Changes, Save Changes
Optional: Hide this reports folder again by running the following SQL:
update Item set [Attributes] = '23' where [Guid] = '6F127B0C-480A-4D61-86CE-2BFE8017AA32'
Server Management Suite 7.1 SP2 (and previous versions)
Imported Document ID: TECH173043
Subscribing will provide email updates when this Article is updated. Login is required.