{"id":9776,"date":"2024-07-16T23:59:56","date_gmt":"2024-07-16T21:59:56","guid":{"rendered":"https:\/\/michlstechblog.info\/blog\/?p=9776"},"modified":"2024-07-17T09:35:53","modified_gmt":"2024-07-17T07:35:53","slug":"vsphere-find-missing-permissions-in-logs","status":"publish","type":"post","link":"https:\/\/michlstechblog.info\/blog\/vsphere-find-missing-permissions-in-logs\/","title":{"rendered":"vSphere: Find missing permissions\/privileges  in logs"},"content":{"rendered":"<div class=\"twoclick_social_bookmarks_post_9776 social_share_privacy clearfix 1.6.4 locale-en_US sprite-en_US\"><\/div><div class=\"twoclick-js\"><script type=\"text\/javascript\">\/* <![CDATA[ *\/\njQuery(document).ready(function($){if($('.twoclick_social_bookmarks_post_9776')){$('.twoclick_social_bookmarks_post_9776').socialSharePrivacy({\"services\":{\"flattr\":{\"uid\":\"Michl\",\"status\":\"on\",\"the_title\":\"vSphere%3A%20Find%20missing%20permissions%2Fprivileges%20%20in%20logs\",\"the_excerpt\":\"Hi%2C%0D%0A%0D%0Aassigning%20permissions%20in%20vSphere%20is%20sometimes%20difficult.%20Also%20to%20find%20out%20which%20permissions%20are%20missing%20for%20a%20specific%20action%20if%20you%20are%20not%20an%20administrator.%0D%0A%20%28more%26hellip%3B%29\",\"txt_info\":\"2 clicks for more data protection:\\r\\n\\r\\nOnly when you click here, the button will be come active and you can send your recommendation to Flattr. When activating, data are transmitted to third parties. \",\"perma_option\":\"off\"}},\"txt_help\":\"When you activate these fields by clicking, information to Flattr may be transferred abroad, and probably may also stored there.\",\"settings_perma\":\"Enable permanently and accept data transmission. \",\"info_link\":\"http:\\\/\\\/www.heise.de\\\/ct\\\/artikel\\\/2-Klicks-fuer-mehr-Datenschutz-1333879.html\",\"uri\":\"https:\\\/\\\/michlstechblog.info\\\/blog\\\/vsphere-find-missing-permissions-in-logs\\\/\",\"post_id\":9776,\"post_title_referrer_track\":\"vSphere%3A+Find+missing+permissions%2Fprivileges++in+logs\",\"display_infobox\":\"on\"});}});\n\/* ]]> *\/<\/script><\/div><p>Hi,<\/p>\n<p>assigning permissions in vSphere is sometimes difficult. Also to find out which permissions are missing for a specific action if you are not an administrator.<br \/>\n<!--more--><\/p>\n<p>Usually the event entry does not give you an hint which permissions are lacked. There are a lot of log files under \/var\/log\/vmware. So which is the right one?<\/p>\n<p>My best way is to search all logfiles for the string &#8220;is needed on&#8221;.<\/p>\n<pre class=\"brush: bash; title: ; notranslate\" title=\"\">\r\nroot@vCenter ~ # cd \/var\/log\/vmware\r\nroot@vCenter \/var\/log\/vmware # find . -name &quot;*.log&quot; -exec grep -iH &quot;is needed on&quot; {} \\;\r\n.\/vsphere-ui\/logs\/vsphere_client_virgo.log:    defaultMessage = Privilege VirtualMachine.Config.AddNewDisk is needed on resgroup-153:67cde234-9230-4339-9aa3-09ee23553629.,\r\n.\/vsphere-ui\/logs\/vsphere_client_virgo.log:    defaultMessage = Privilege VirtualMachine.Config.AdvancedConfig is needed on resgroup-153:67cde234-9230-4339-9aa3-09ee23553629.,\r\n...\r\n.\/content-library\/cls.log:    defaultMessage = Privilege VirtualMachine.Config.AddNewDisk is needed on resgroup-153:67cde234-9230-4339-9aa3-09ee23553629.,\r\n.\/content-library\/cls.log:    defaultMessage = Privilege VirtualMachine.Config.AdvancedConfig is needed on resgroup-153:67cde234-9230-4339-9aa3-09ee23553629.,\r\n....\r\n<\/pre>\n<p>In this case irtualMachine.Config.AddNewDisk and VirtualMachine.Config.AdvancedConfig is missing on Resource group of cluster:<\/p>\n<pre class=\"brush: powershell; title: ; notranslate\" title=\"\">\r\nPS D:\\&gt;  (Get-ResourcePool -Id ResourcePool-resgroup-153).Parent\r\n\r\nName                           HAEnabled  HAFailover DrsEnabled DrsAutomationLevel\r\n                                          Level\r\n----                           ---------  ---------- ---------- ------------------\r\nMY-CLUSTER-01                     False      1          True       FullyAutomated\r\n<\/pre>\n<p>Michael<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Hi, assigning permissions in vSphere is sometimes difficult. Also to find out which permissions are missing for a specific action if you are not an administrator.<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[7],"tags":[1087,358,2051,86,110],"class_list":["post-9776","post","type-post","status-publish","format-standard","hentry","category-vmware","tag-missing","tag-permissions","tag-privileges","tag-vcenter","tag-vsphere"],"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/michlstechblog.info\/blog\/wp-json\/wp\/v2\/posts\/9776","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/michlstechblog.info\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/michlstechblog.info\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/michlstechblog.info\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/michlstechblog.info\/blog\/wp-json\/wp\/v2\/comments?post=9776"}],"version-history":[{"count":4,"href":"https:\/\/michlstechblog.info\/blog\/wp-json\/wp\/v2\/posts\/9776\/revisions"}],"predecessor-version":[{"id":9780,"href":"https:\/\/michlstechblog.info\/blog\/wp-json\/wp\/v2\/posts\/9776\/revisions\/9780"}],"wp:attachment":[{"href":"https:\/\/michlstechblog.info\/blog\/wp-json\/wp\/v2\/media?parent=9776"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/michlstechblog.info\/blog\/wp-json\/wp\/v2\/categories?post=9776"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/michlstechblog.info\/blog\/wp-json\/wp\/v2\/tags?post=9776"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}