Required permissions for SCVMM 2012 R2 Library Share - SOFS on Clustered Storage Volume

Setup / Notes:

  • SCVMM 2012 R2
  • SCVMM Library Server - SOFS Role on 2 Nodes of Clustered Storage Server 2012 R2
  • Library Server and Nodes show up under Fabric->Infrastructure->Library Servers
  • Server and Nodes show no errors or problems
  • Shares have been added in SCVMM and able to refresh properly

Problem:

I cannot do any job which involves writing to these shares. Import Resource, Create VM Template, etc. Everything fails with Error (2910) VMM does not have appropriate permissions... Access Denied.

Solutions Tried:

I have setup FULL CONTROL Share and Security permissions for Administrators Domain and Local, SCVMM Service Account, SCVMM Run as Account, Everyone Account, SYSTEM, Hyper-V Computer Accounts basically everything in my domain. I still get access denied to the Library Server Shares.

Other Notes:

I do have shares configured for VM / shared storage for hosts. These are working great and appear to be configured completely by SCVMM.

What are the required permissions? Are they manually setup or controlled by SCVMM? Why does it appear that nobody has had this problem before me on the interwebs? Am I an idiot?


  • Edited by Nate Labo Thursday, January 09, 2014 6:06 AM
January 9th, 2014 6:04am

More Information:

It would appear that Failover Cluster Manager doesn't immediately change the permissions related to a share. I have manually gone in and set the FULL CONTROL Share and Security permissions for the Everyone Account on the Cluster Volume and the share is now working. I do need to lock this down for security purposes so what account/accounts does it need?

Scratch That:

I was able to Import a Physical resource but the saving of a VM to the library does not work... 2904 or 2910.

Anybody?

  • Edited by Nate Labo Thursday, January 09, 2014 8:27 AM
Free Windows Admin Tool Kit Click here and download it now
January 9th, 2014 8:20am

Just wanted to let everyone know that I figured out finally...

Should have known this but the SYSTEM account in a cluster doesn't appear to be used. I finally had to add the Computer accounts of both nodes with FULL -  Security and Share permissions.

So in my case:

STORAGECLUSTER

STORAGE1 (Node 1)

STORAGE2 (Node 2)

STORAGE1$, STORAGE2$ had to be added. Hope this helps someone.

  • Marked as answer by Nate Labo Sunday, January 12, 2014 4:23 AM
January 12th, 2014 4:23am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics