SAS® Visual Analytics displays "Error getting Entry Repository EntryInterface" or "An unexpected service error" when opening reports


Overview
When you attempt to open a report in SAS® Visual Analytics, you might see one of these errors depending on whether you are editing or viewing the report.

Report could not be opened.
An unexpected service error was encountered while attempting to fulfill the request.


The error details are similar to these, with the key part of the error being caused by null.

[FaultEvent fault=[RPC Fault faultString="java.lang.RuntimeException :
Report could not be opened. Cause: Error getting Entry Repository EntryInterface
A5XB46DX.AY000D5E/Transformation caused by null. (Reason : Operation Failed) :: java.lang.IllegalStateException, Exception: Error getting Entry Repository EntryInterface A5XB46DX.AY000D5E/Transformation caused by null. (Reason : Operation Failed)
"faultCode="Server.Processing" faultDetail="null"] messageId="4F706C53-3909-7F0C-2DB5-E54FA56AE676"
type="fault" bubbles=false cancelable=true eventPhase=2]

Known Cause and Resolution
These errors can occur when the report is saved anywhere in the folder structure of a folder that is directly beneath SAS Folders. The problem is usually caused by denying ReadMetadata to the SAS System Services group on the folder that is directly beneath SAS Folders. The SAS System Services group contains the SAS Trusted User, which is a critical service account.

It does not matter where your report is located in the folder structure. In the following example, the Sales Team folder is directly beneath SAS Folders. The reports are saved in VA Reports.

SAS Folders is selected, Sales Team, East Region, and VA reports

If the SAS System Services group has a denial of ReadMetadata on Sales Team, then the error occurs if you attempt to open a report in the VA Reports folder.

To resolve this issue, log on to SAS® Management Console as an unrestricted user such as sasadm@saspw. Ensure that the SAS System Services group has ReadMetadata access to the folder directly beneath SAS Folders. To verify effective permissions, follow these steps:

  1. In SAS Management Console, right-click the folder and select Properties. In the example, you would open the properties for Sales Team.
  2. Click the Authorization tab, and then click Advanced.
  3. In the Advanced Authorization Properties dialog box, click Explore Authorizations.
  4. In the Name or Display name box, enter system services, and click Search Now.
  5. In the Effective Permissions list, verify permissions for SAS System Services. Here are some tips depending on what you see:
    • If SAS System Services has an explicit denial (white background) of ReadMetadata, then return to the Authorization tab and grant ReadMetadata.
    • If SAS System Services has an inherited denial (gray background) of ReadMetadata, then the denial is likely inherited from the SASUSERS group. Return to the Authorization tab and grant ReadMetadata to SASUSERS or explicitly to SAS System Services.
    • If SAS System Services is granted ReadMetadata, then check permissions for the SAS General Services group. The SAS Trusted User is also a member of SAS General Servers.
    • If SAS System Services, SAS General Servers, and SASUSERS are granted ReadMetadata, then the denial might be directly on the SAS Trusted User. If so, remove the explicit denial.