is the agent 220.127.116.116?
Yes I am using the 18.104.22.1686 console and 22.214.171.1246 is installed on our servers.
Still getting these errors. We are on 8.2.03.416. Both Application and Server
Is this error occured only for Patch Analysis Job?
Are you using any dedicated role for patch analysis? if so add modify and write authorizations to that role.
What about when you execute the same patch analysis job with BLAdmins role?
I tried deleting the tmp directory under RSCD (using BL) and it returns the same error.
When i tried viewing the permission of the file through the BL GUI and I can't see them. I check another server that is working and I can see permission. Is there some security related configuration that BladeLogic should have or should inherit for it's mapping in the users.local?
send me the entire rscd and job run logi file.
check whether RSCD user locked down or not?
what was the issue Kyle?
Job run log is in the original post. I can't copy and paste into the reply window otherwise i would provide it again.
I haven't found a solution, yet.
Looks like this was slightly different that the original problem. The user populated the users file but not the users.local. Issue is resolved
After update the users.local file and removing the BladeLogic account from the Domain Admins group it started failing again. It works without any problems as long as it's in Domain Admins. I'm guessing there is some type of permissions/security setting restricting the BladeLogic users access.
Prior to being part of the Domain Admin I wasn't able to see the permission on the tmp directory within RSCD. Now that it's a domain admin I can.
What permissions is the BladeLogic account missing?
This is still unresolved.
First thing why are you adding to Bladelogic account to Domain Admin group.
Can you please provide few more information about :
1. Version of Bladelogic
2. Target Server info - is it domain controller?
Try following below method:
1. Delete BladelogicRSCD account on problemetic target server
2. Restart the Bladelogic agent service which will create Bladelogic RSCD account. Do not modify this account.
3. configure the export and user.local files
4. Validate the target server in console with BLAdmins role
5. Try browsing the server with BLAdmins role
if it is does not work after following above steps, send me the exports and user.local files, rscd logs
When running a Patch Analysis BladeLogic returned an error of permission denied. I tried viewing the permissions through BladeLogic and it I couldn't see them. I tried deleting the tmp directory and I didn't not have the authority through BladeLogic. After adding BladeLogic to the Domain Group it was able to operate as normal. This is why I believe that there must be sometime of security requirement that BladeLogic needs.
We are on 8.02.03.416, application and server.
Deleting the account, restarting the service does not fix the issue. I've already configured the Domain accounts to run with an alternate username to avoid the MS/DC user conflict.
I've already validated the exports, users.local, and users file. Those aren't the issue because I have access to the server. The issue is not role based because all roles are affected. The BladeLogic account itself does not have the necessary authority, proven by the fact adding it to Domain Admin resolves it.
I don't want adding it to Domain Admins to be the solution
By 'BladeLogic Account' do you meant the local account you are mapping to or the BladeLogicRSCD account? the later should not be in any groups.
also - this is on a member server in the domain or a domain controller ?