Summary

This article describes how to fix an issue with the ACL of the EC-Admin property when running EC-Admin plugin procedures.

Problem

When running EC-Admin procedures you may get the following error:

Job error [AccessDenied]: none of the principals in this authentication context ('project: EC-Admin-2.27.3.475', 'project: EC-Admin-2.27.3.475') have all the required privileges (read privilege on property 'EC-Admin', modify privilege on property 'EC-Admin') to perform the operation

Solution

EC-Admin property is a server level property so there is no direct way to access ACL definitions of it.

To modify it you have to complete the following steps:

1. Login with admin permissions to ectool - ectool login

2. Run the following command - ectool getProperty /server/propertySheet/"EC-Admin"

and you will get a similar output:

      de16fb33-4716-11e7-be59-2e9a20524153
      EC-Admin
      2017-06-01T22:08:39.884Z
      admin
      2017-06-01T22:08:39.884Z
      admin
      1
      de16fb34-4716-11e7-be59-2e9a20524153
    

3. Identify the UUID of the property which is inside tag - de16fb33-4716-11e7-be59-2e9a20524153

4. Insert the UUID for the propertySheet and your commanderServerName in the following URL:

https:///commander/link/updatePropertySection/propertySheets/?propertyName=EC-Admin&s=Administration&ss=Server

After you will be able to get to Access Control page for this property

You should add the EC-Admin project to this ACL:

After completing all descibed steps you should not run into "AccessDenied" error for accessing EC-Admin property.

Please contact support@electric-cloud.com if you have questions.