Search the VMware Knowledge Base (KB)
View by Article ID

Troubleshooting permissions errors when connecting to vCenter Server with the vSphere Client (1003872)

  • 32 Ratings
Language Editions

Symptoms

  • Cannot connect to vCenter Server
  • Cannot log in to vCenter Server with the vSphere Client
  • This error message is displayed when trying to log on: 

    VMware Infrastructure Client could not establish a connection with server "<server>".  Details: You do not have permission to login to the server: <server> .

Purpose

This article provides information about:
  • Troubleshooting permissions issues that are preventing log in to vCenter Server.
  • Testing if you have an authentication issue.
  • Resolving problems with authentication.

Cause

This issue occurs because the user account (Active Directory user or a Local User) does not have the appropriate permissions to log in to vCenter Server.
 
By default, the local administrators group on the vCenter Server is the only group that has access to vCenter. If you try to log in as a user that is not a member of the administrators group (either directly or indirectly through another group), the log in fails because the user account has no permission to any object in the inventory.
 
Notes:
  • When running the VMware Infrastructure Client or vSphere Client directly on an ESX/ESXi host, log in as the Linux root account, and not as Windows user account. By default, AD user logins to ESX/ESXi hosts are disabled. To configure AD authentication to the ESX/ESXi hosts, see Enabling Active Directory Authentication with ESX Server or Joining vSphere Hosts to Active Directory.

  • If vCenter Server is connected to your Active Directory domain, by default, the Domain Admin's group is a member of the Local Administrators group.

Resolution

When troubleshooting a user that cannot log in to vCenter Server:
  1. Log in to the vCenter Server and restart the VMware VirtualCenter Server Service. After the service is restarted, login again. For more information, see Stopping, starting, or restarting vCenter services (1003895).
  2. Try logging in to vCenter Server with another user to check if the behavior is specific to the user that has been added. If another user is able to login, add the appropriate permissions to the problematic user.

    To add permissions to the user:
    1. Select an object from the inventory.
    2. Click the Permissions tab.
    3. Right-click and select Add Permission
  3. Try logging in to vCenter Server with the local administrator account. If the user is able to login, add the appropriate permissions for the problematic user.

    To add the permissions to the user:
    1. Select an object from the inventory.
    2. Click the Permissions tab. 
    3. Right-click and select Add Permission

If none of these steps resolve the problem, it is likely that there is a misconfiguration or corruption in the database that is preventing log in for any users. When troubleshooting a corrupt database, you must perform a reinstallation of VirtualCenter into a fresh database. For more information, see Preventing database corruption (1007457).

Note: Always contact your database vendor when you suspect database corruption.

Tags

cannot-connect-to-vcenter-server user-permissions

See Also

Update History

01-29-2014- Added product vCenter Server 5.0

Request a Product Feature

To request a new product feature or to provide feedback on a VMware product, please visit the Request a Product Feature page.

Feedback

  • 32 Ratings

Did this article help you?
This article resolved my issue.
This article did not resolve my issue.
This article helped but additional information was required to resolve my issue.

What can we do to improve this information? (4000 or fewer characters)




Please enter the Captcha code before clicking Submit.
  • 32 Ratings
Actions
KB: