FIXED – Cloud MCS-Unable to create or update machine catalogs – Exception: Forbidden

Update: 29-April-2022

This issue is resolved. If you are still experiencing this issue, please open a case with Citrix Technical Support.

—————————-

Cloud MCS administrators attempting to create or update a Machine Catalog might encounter this error in Studio:

Transaction ID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx

Action Name: MC_AddMachineInitialzation



Exception:

DesktopStudio_ErrorId : ExceptionThrown

Exception : Citrix.Fma.Sdk.Identity.Cws.CwsIdentityException: Forbidden

at Citrix.Fma.Sdk.Identity.Cws.CwsHelper.<>c.<HandleAggregateException>b__57_0(Exception x)

at System.AggregateException.Handle(Func`2 predicate)

at Citrix.Fma.Sdk.Identity.Cws.CwsHelper.HandleAggregateException(AggregateException ae)

at Citrix.Fma.Sdk.Identity.Cws.CwsHelper.CallGetForestDomainContainers(String forest, String domain, Guid parentOu, String name, PatternMatchType patternMatchType, Nullable`1 recursive, Nullable`1 skip, Nullable`1 take, String adminUserName, SecureString adminPassword, String directoryServerHint, String transactionId)

at Citrix.Fma.Sdk.Identity.Cws.ObjectDetailsProvider.GetContainers(String forest, String domain, Guid parentContainerGuid, String name, ContainerType type, ContainerProperties propertiesToRetrieve, PatternMatchType patternMatchType, Boolean recursive, Int32 skip, Int32 limit, String adminUserName, SecureString adminPassword, String directoryServerHint, String loggingId)

at Citrix.Fma.Sdk.Identity.Cws.CwsIdentity.GetContainers(String forest, String domain, Guid parentContainerGuid, String namePattern, ContainerProperties propertiesToRetrieve, ContainerType type, SearchOptions searchOptions, String adminUserName, SecureString adminPassword, String directoryServerHint, String loggingId)

at Citrix.ADIdentity.Logic.ADIdentityLogic.ValidateOUPath(String organizationUnitPath, String domain, Nullable`1 tenantId)

at Citrix.ADIdentity.Logic.ADIdentityLogic.SetIdentityPool(IList`1 loggingDetails, String identityPoolName, Guid identityPoolUid, String namingScheme, Boolean setNamingScheme, ADIdentityNamingScheme namingSchemeType, Boolean setNamingSchemeType, Int32 startCount, Boolean setStartCount, String domain, Boolean setDomain, String ou, Boolean setOU, Nullable`1 zoneUid, Boolean setZoneUid, Boolean allowUnicode, Boolean passThru, IdentityPool& identityPoolObject)

at Citrix.ADIdentity.WcfService.<>c__DisplayClass47_0.<SetIdentityPool>b__0()

at Citrix.Fma.Sdk.ServiceCore.ServiceCore.CheckedCall[T](String name, Func`1 operation, Func`2 defaultValue, Enum code)

Reason : CwsIdentityException

Message : Forbidden

Error Source : CitrixADIdentityService

Sdk Error Message : An exception occurred. The associated message was Forbidden

Sdk Error ID : Citrix.XDPowerShell.Status.ExceptionThrown,Citrix.ADIdentity.Sdk.Commands.SetAcctIdentityPoolCommand

ErrorCategory : NotSpecified

DesktopStudio_PowerShellHistory : Adds 1 Machines to Machine Catalog ‘TEST_100’

3/18/2022 8:25:16 AM



Get-LogSite -AdminAddress “localhost:9097” -BearerToken ********

Start-LogHighLevelOperation -AdminAddress “localhost:9097” -BearerToken ******** -Source “Studio” -StartTime “3/18/2022 8:25:16 AM” -Text “Adds 1 Machines to Machine Catalog `’TEST_100`'”

Get-AcctIdentityPool -AdminAddress “localhost:9097” -BearerToken ******** -IdentityPoolName “TEST_100” -MaxRecordCount 1430581239

Set-AcctIdentityPool -AdminAddress “localhost:9097” -AllowUnicode -BearerToken ******** -Domain “test.domain.local” -IdentityPoolName “TEST_100” -LoggingId “xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx” -StartCount 4

Set-AcctIdentityPool : An exception occurred. The associated message was Forbidden

+ CategoryInfo : InvalidOperation: (:) [Set-AcctIdentityPool], InvalidOperationException

+ FullyQualifiedErrorId : Citrix.XDPowerShell.Status.ExceptionThrown,Citrix.ADIdentity.Sdk.Commands.SetAcctIdentityPoolCommand

Related:

  • No Related Posts

Leave a Reply