KBEC-00419 - Accessing EC-Admin ACL properties


This article describes how to fix an issue with the ACL of the EC-Admin property when running EC-Admin plugin procedures.


When running EC-Admin procedures you may get the following error:

Job error [AccessDenied]: none of the principals in this authentication context ('project: EC-Admin-', 'project: EC-Admin-') have all the required privileges (read privilege on property 'EC-Admin', modify privilege on property 'EC-Admin') to perform the operation


EC-Admin property is a server level property so there is no direct way to access ACL definitions of it.

To modify it you have to complete the following steps:

  1. Login with admin permissions to ectool - ectool login <user> <passwd>

  2. Run the following command - ectool getProperty /server/propertySheet/“EC-Admin”

and you will get a similar output:

  1. Identify the UUID of the property which is inside <propertyId> tag - <propertyId>de16fb33-4716-11e7-be59-2e9a20524153</propertyId>

  2. Insert the UUID for the propertySheet and your commanderServerName in the following URL:


After you will be able to get to Access Control page for this property

Note: Workaround for older versions of the product where the solution does not work

In this case, you might need to change the URL proposed in the previous section (step 4) and use:


You should add the EC-Admin project to this ACL:

After completing all descibed steps you should not run into “AccessDenied” error for accessing EC-Admin property.

Please contact support@cloudbees.com if you have questions.

Have more questions?


Please sign in to leave a comment.