Tag Archives: lockdown

Adding a host to vCenter - Datacenter.QueryConnectionInfo Error

Symptom: When adding a host to your vCenter Datacenter, you receive the following error:

Permission to perform this operation was denied. You do not hold privilege "System > View" on folder""

Error Stack
Call "Datacenter.QueryConnectionInfo" for object "DATACENTERNAME" on vCenter Server "myhost.mydomain" failed.
VMware - Error Datacenter.QueryConnectionInfo

Resolution: Make sure you have not enabled Lockdown mode on the host. To change the setting, use the direct console user interface (DCUI), and press F2. Login with your credentials and arrow down to Configure Lockdown Mode and hit enter. Make sure this option is disabled (unchecked) when the prompt opens. With Lockdown Mode disabled, try adding the host to vCenter.

Additionally, make sure that you can fully resolve the DNS name to the actual ESXi host.  If the DNS entry does not exist or points to an invalid ESXi host, the warning will be prompted as well.

If you still have issues, you can try restarting the Management Agents using the troubleshooting menu. Use the DCUI, press F2, login with your credentials, and arrow down to Troubleshooting Options and press Enter. Arrow down to Restart Management Agents and hit enter. This will restart some of the ESXi services on the host and should allow it to connect to vCenter.

VMWare Lockdown Mode

Here is how to enable it:

To enable Lockdown mode via console:
Log in directly to the ESXi host.
Open DCUI on the host.
Press F2 for Initial Setup.
Toggle the Configure Lockdown Mode setting.

To enable Lockdown mode via vSphere:
Log in to vSphere
Click on the Home->Inventory->Hosts and Clusters
Click on the host you want to manage
Click on the Configuration manager
Click on "Security Profile" on the left side
Click the Edit... link next to Lockdown Mode
Enable it!