I have been working on a small test lab and need some assistance resolving what looks like a permissions issue. I am running the VC appliance 5.5, a single 5.1 host and vco 5.5. SSO is configured with Active directory as a LDAP server and appears to work as I can sign in to VC and vcO using my AD Domain admin creds. In AD I created a test user called builder, and domain groups as follows: VCO Builders – builders account VCO Admins – my account Domain admin – my account In VC these 3 groups are all set to 'administrators' at the root level. In the SSO administrators group I added VCO Admins and Domain admins. I added the VCO Builders group to the SSO SolutionUsers group I think the issue is related to how this groups permissions map into VC. I have tried to make the user a domain admin, but that did not resolve it. I have been working through this workflow http://www.vcoteam.info/articles/learn-vco/54-create-a-simple-vco-self-service-vm-provisioning-porta.... When I run the workflow with my AD account it all works. When I run it as builder, it fails after I answer the approval question. The error is ‘Unable to execute action 'cloneVM', you have no 'execution' rights’ What am I missing?
That happens due to the permissions not being inherited to elements that your workflow calls... This was mentioned in one of the comments of part 2 of that tutorial and then Part 3 of the series gives additional explanation and steps required to make things work.
That happens due to the permissions not being inherited to elements that your workflow calls... This was mentioned in one of the comments of part 2 of that tutorial and then Part 3 of the series gives additional explanation and steps required to make things work.
Thank Burke, I adjusted the builder permissions at the root level to include "execute' and it works correctly now.