How to fix user is not authorized error in vRealize Orchestrator (vRO)

Orchestrator is a great tool that can be used to automate day-to-day tasks in a virtualized environment. Nothing ruins someone’s day like spending many hours trying to get the orchestrator permissions fixed. I have always ran into this issue while configuring the orchestrator for the first time. I ran into the same issue with vRO in my home lab setup today and after lot of searching the world wide web I realized there’s actually a fix for this. Thought I’ll write up a quick post to share it with everyone.

Configuring the Authentication on vRO configuration page is pretty simple. Point the web browser to http://<vro-server>:8281. Login with user “vmware” and the password you set the frst time you logged  in into this portal.

Click on Authentication and setup the SSO configuration.


The issue arises when you try logging into the vRO server using the client. You see the “[0002] user is not authorized” error in vRealize Orchestrator client.


This happens for all the users in the VCO Admins group on the domain. But when you try logging in into the vRO using the “administrator@vsphere.local” user, it works :\

So the quick fix for this is to login into the orchestrator using the SSO admin (administrator@vsphere.local) and then click on the home tab.

On the right pane, find the Permissions tab and click on the add button. Then search for the group on the AD and add it. This will solve the permission issue.


Drop a comment below to let me know if this works and also if there is any other way to get this fixed. Any feedback is appreciated.

Leave a Reply