Home Analyst Portal

Analyst Receiving "UnauthorizedAccess"

robert_fewins-kalbrobert_fewins-kalb Member IT Monkey ✭
edited September 2022 in Analyst Portal

I have an analyst who started receiving an "UnauthorizedAccess" error when he tries to change the status of any ticket (Incidents and Requests). I'm seeing on the community that this has been seen with end users, but I'm not seeing it being reported for analysts. He is a member of all the required groups. We're going to try removing him from the analyst group and putting him back in it, but I doubt that will do anything. Has anyone hit this issue before? Nothing about his PC or AD account has changed, so I'm stumped.



Update - I did find the user's attempts in the CiresonPortal logs on the web server...

2022-09-02 09:40:42,566, ERROR [ 108]: Microsoft.EnterpriseManagement.Common.UnauthorizedAccessEnterpriseManagementException: The user [USERNAME] does not have sufficient permission to perform the operation.

  at Microsoft.EnterpriseManagement.Common.Internal.ServiceProxy.HandleFault(String methodName, Message message)

  at Microsoft.EnterpriseManagement.Common.Internal.ConnectorFrameworkConfigurationServiceProxy.ProcessDiscoveryData(Guid discoverySourceId, IList`1 entityInstances, IDictionary`2 streams, ObjectChangelist`1 extensions)

  at Microsoft.EnterpriseManagement.ConnectorFramework.IncrementalDiscoveryData.CommitInternal(EnterpriseManagementGroup managementGroup, Guid discoverySourceId, Boolean useOptimisticConcurrency)

  at Microsoft.EnterpriseManagement.ConnectorFramework.IncrementalDiscoveryData.CommitForUserDiscoverySource(EnterpriseManagementGroup managementGroup, Boolean useOptimisticConcurrency)

  at Cireson.ServiceManager.ManagementService.ManagementService.<>c__DisplayClass8_0.<InvokeCommand>b__0(EnterpriseManagementGroup emg)

  at Cireson.ServiceManager.ManagementService.ManagementService.InvokeCommand[T](Func`2 func, Boolean invokeAsService)

  at System.Threading.Tasks.Task.Execute()

--- End of stack trace from previous location where exception was thrown ---

  at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()

  at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)

  at Cireson.ServiceManager.ManagementService.ManagementService.<InvokeCommandAsync>d__7.MoveNext()

--- End of stack trace from previous location where exception was thrown ---

  at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()

  at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)

  at System.Runtime.CompilerServices.TaskAwaiter.GetResult()

  at Cireson.ServiceManager.Services.Projection.<UpdateDirtyProjectionAsync>d__14.MoveNext()

Best Answer

  • robert_fewins-kalbrobert_fewins-kalb Member IT Monkey ✭
    Answer ✓

    Hey @Simon_Zeinhofer - I did more Googling after submitting this and what I had to do (just got confirmation it worked) was go into the Console, remove the user (who is in the Analyst group) from the list of Users under Configuration Item, then let the AD Connector run. He is now able to work tickets.

Answers

  • Simon_ZeinhoferSimon_Zeinhofer Customer Advanced IT Monkey ✭✭✭

    @robert_fewins-kalb Which type of user group is this user a member of?

    Are the tasks for status change for Incident and Service Request enabled? If you want this user to be able to update both, I would suggest to create a security group based on Advanced Operator, as you would have to create 2 roles (Incident Resolver, Service Request Analyst) for him/her to be able to have write access to both.

  • robert_fewins-kalbrobert_fewins-kalb Member IT Monkey ✭
    Answer ✓

    Hey @Simon_Zeinhofer - I did more Googling after submitting this and what I had to do (just got confirmation it worked) was go into the Console, remove the user (who is in the Analyst group) from the list of Users under Configuration Item, then let the AD Connector run. He is now able to work tickets.

Sign In or Register to comment.