Hi Marty,
Please use this guide to switch to dynamic role feature from the default
static-checker:
http://cloudstack-administration.readthedocs.io/en/4.9/accounts.html#using-dynamic-roles
If you've manually set the global setting to true, you need to move/rename the
commands.properties file in the classpath (usually at
/etc/cloudstack/management/ or somewhere in /usr/share/cloudstack-management).
You can use a python script (see the link above) to migrate existing rules in
commands.properties file to the database.
Regards.
From: Marty Godsey
Sent: 17 August 2016 09:57:05
To: dev@cloudstack.apache.org
Subject: Upgrade from 4.8.0.1 to 4.9 issue
I upgraded a very clean environment of 4.8.0.1 to 4.9 and I am receiving this
error when trying to enable the dynamic.apichecker.enabled setting:
2016-08-17 00:20:03,148 DEBUG [c.c.a.ApiServlet]
(catalina-exec-25:ctx-01fb5369) (logid:3a6b506e) ===START=== 192.168.250.250
-- GET
command=updateConfiguration&response=json&name=dynamic.apichecker.enabled&value=true&_=1471407604828
2016-08-17 00:20:03,156 INFO [c.c.a.ApiServer] (catalina-exec-25:ctx-01fb5369
ctx-9c3c87d4) (logid:3a6b506e) Restricted configuration update not allowed
2016-08-17 00:20:03,157 DEBUG [c.c.a.ApiServlet] (catalina-exec-25:ctx-01fb5369
ctx-9c3c87d4) (logid:3a6b506e) ===END=== 192.168.250.250 -- GET
command=updateConfiguration&response=json&name=dynamic.apichecker.enabled&value=true&_=1471407604828
When I say clean this is an environment that is all of two weeks old and has 2
instances and about 5 accounts. These accounts are LDAP integrated and
authenticate without issue after the update. All functions seems to work accept
the role-based additions. The GUI doesn't even show the little icon in the tab.
The management servers are Ubuntu 14.04.05 and the I am using community
packages. There were no errors on the update.
Thank you for the help.
Regards,
Marty Godsey
rohit.ya...@shapeblue.comĀ
www.shapeblue.com
53 Chandos Place, Covent Garden, London WC2N 4HSUK
@shapeblue
