Issue Acronis Backup Server Error

[psjavi]

Server operating system version

Ubuntu 18.04.6 LTS

Plesk version and microupdate number

18.0.46

Hi, I'm having the following error regarding to the Auth to Acronis.



I'm trying to reconnect Plesk to the platform but I'm getting the following error:



I'm able to connect directly in Acronis but I'm not able to connect throught Plesk.

What I'm doing wrong?

Thanks.

 

[IgorG]

Try to find more details in Acronis Log files according to: https://support.plesk.com/hc/en-us/...services-logs-and-configuration-files#Acronis

 

[psjavi]

Hi!
This is the result trying to log in

[2022-09-06 11:13:21] [INFO] SrvRequest: {"jsonrpc": "2.0", "params": {"grantType": "password", "param2": "PASSWORD, "param1": "USERNAME", "host": ""}, "method": "configureBackupAgent", "id": "63170f31ba122"} Socket creds: {'gid': 1000, 'pid': 49527, 'uid': 999}
[2022-09-06 11:13:22] [INFO] Reading Backup Agent config...
[2022-09-06 11:13:22] [INFO] Backup Agent config was read
[2022-09-06 11:13:22] [INFO] SrvResponse: {"error": {"code": -32000, "data": {"args": ["b'{\"error\":{\"domain\":\"ApplicationAccountServer\",\"code\":1002,\"message\":\"access denied\",\"context\":null,\"details\":{\"info\":\"create client: access denied: trustee does not have required role(s) trustee \\\\\"ID: \\\\\\\\\\\\\"03f4563e-b63b-4bd4-b8e4-ce91d71da4e6\\\\\\\\\\\\\", type: \\\\\\\\\\\\\"user\\\\\\\\\\\\\", tenant ID: 364699; status: 1; roles: [accounts::readonly]\\\\\"; target \\\\\"tenant ID: 364699; parentHasAccess: true; locked by: -1\\\\\"\"}}}'"], "type": "HttpClientError", "message": "b'{\"error\":{\"domain\":\"ApplicationAccountServer\",\"code\":1002,\"message\":\"access denied\",\"context\":null,\"details\":{\"info\":\"create client: access denied: trustee does not have required role(s) trustee \\\\\"ID: \\\\\\\\\\\\\"03f4563e-b63b-4bd4-b8e4-ce91d71da4e6\\\\\\\\\\\\\", type: \\\\\\\\\\\\\"user\\\\\\\\\\\\\", tenant ID: 364699; status: 1; roles: [accounts::readonly]\\\\\"; target \\\\\"tenant ID: 364699; parentHasAccess: true; locked by: -1\\\\\"\"}}}'"}, "message": "Server error"}, "jsonrpc": "2.0", "id": "63170f31ba122"}
[2022-09-06 11:13:25] [INFO] SrvRequest: {"jsonrpc": "2.0", "params": {"customersIds": null, "ids": [], "statuses": ["in_queue", "in_progress", "failed", "succeeded"]}, "method": "getOperations", "id": "63170f354ab07"} Socket creds: {'gid': 1000, 'pid': 20090, 'uid': 999}
[2022-09-06 11:13:25] [INFO] SrvResponse: {"result": "...", "jsonrpc": "2.0", "id": "63170f354ab07"}

It seems a problem with the user (readonly role) but we haven't change anything and was working the last month.

 

[AcronisDennis]

Hi!
This is the result trying to log in

[2022-09-06 11:13:21] [INFO] SrvRequest: {"jsonrpc": "2.0", "params": {"grantType": "password", "param2": "PASSWORD, "param1": "USERNAME", "host": ""}, "method": "configureBackupAgent", "id": "63170f31ba122"} Socket creds: {'gid': 1000, 'pid': 49527, 'uid': 999}
[2022-09-06 11:13:22] [INFO] Reading Backup Agent config...
[2022-09-06 11:13:22] [INFO] Backup Agent config was read
[2022-09-06 11:13:22] [INFO] SrvResponse: {"error": {"code": -32000, "data": {"args": ["b'{\"error\":{\"domain\":\"ApplicationAccountServer\",\"code\":1002,\"message\":\"access denied\",\"context\":null,\"details\":{\"info\":\"create client: access denied: trustee does not have required role(s) trustee \\\\\"ID: \\\\\\\\\\\\\"03f4563e-b63b-4bd4-b8e4-ce91d71da4e6\\\\\\\\\\\\\", type: \\\\\\\\\\\\\"user\\\\\\\\\\\\\", tenant ID: 364699; status: 1; roles: [accounts::readonly]\\\\\"; target \\\\\"tenant ID: 364699; parentHasAccess: true; locked by: -1\\\\\"\"}}}'"], "type": "HttpClientError", "message": "b'{\"error\":{\"domain\":\"ApplicationAccountServer\",\"code\":1002,\"message\":\"access denied\",\"context\":null,\"details\":{\"info\":\"create client: access denied: trustee does not have required role(s) trustee \\\\\"ID: \\\\\\\\\\\\\"03f4563e-b63b-4bd4-b8e4-ce91d71da4e6\\\\\\\\\\\\\", type: \\\\\\\\\\\\\"user\\\\\\\\\\\\\", tenant ID: 364699; status: 1; roles: [accounts::readonly]\\\\\"; target \\\\\"tenant ID: 364699; parentHasAccess: true; locked by: -1\\\\\"\"}}}'"}, "message": "Server error"}, "jsonrpc": "2.0", "id": "63170f31ba122"}
[2022-09-06 11:13:25] [INFO] SrvRequest: {"jsonrpc": "2.0", "params": {"customersIds": null, "ids": [], "statuses": ["in_queue", "in_progress", "failed", "succeeded"]}, "method": "getOperations", "id": "63170f354ab07"} Socket creds: {'gid': 1000, 'pid': 20090, 'uid': 999}
[2022-09-06 11:13:25] [INFO] SrvResponse: {"result": "...", "jsonrpc": "2.0", "id": "63170f354ab07"}

It seems a problem with the user (readonly role) but we haven't change anything and was working the last month.

"create client: access denied:: trustee does not have required role(s) trustee"
I've discussed this internally and I can say there's a high chance that the issue you've faced is related to the security fix that was implemented recently (in the update c22.07).
Please check the following article for the solution Acronis Cyber Protect Cloud Integration with cPanel & WHM/ Plesk/ DirectAdmin: Protection plan management via plugin is unavailable | Knowledge Base
If that would not help - please contact Acronis support

 

[psjavi]

It didn't work, I'm getting a "forbidden" message:

python create_api_client.py --username XXX --password-file /root/tmp/pass --hostname cloud.acronis.com

Connecting to API end-point...
Success!
Unable to create a client or save it to the file. HTTP Error 403: Forbidden
Done! Good bye.

 

[AcronisDennis]

It didn't work, I'm getting a "forbidden" message:

You should also try changing the user account type - make it 'customer administrator' in the Acronis account management console.
You can switch it back to a normal user again once everything is installed.