Mon Jul 04, 2022 6:44 am
Login Register Lost Password? Contact Us

Please Note: The HPCC Systems forums are moving to Stack Overflow. We invite you to post your questions on Stack Overflow utilizing the tag hpcc-ecl ( This legacy forum will be active and monitored during our transition to Stack Overflow but will become read only beginning September 1, 2022.

File Spray from Thor to Roxie - Access Denied

Post questions specific to installation or configuration for the HPCC Systems platform

Mon May 24, 2021 6:16 pm Change Time Zone

Hi Guys,

I'm installing a roxie cluster into Azure (installation using VMs) and I'm running a Thor cluster where I built the necessary keys to my queries. I want to be able to have several Thor clusters where I can copy files to this Roxie running in Azure. However, when I try to perform a remote copy, I'm facing an error, saying that my ESP Server (client) doesn't have permission to copy from Thor's dali server (attached the error into this post).

Probably I'm missing a very small detail for this problem, however, I've tried several solutions and didn't work. What I've tried:
- Added the thor node into hardware list of my roxie cluster
- Added authentication (same user) in thor and roxie ECLWatch/ESP
- Disabled UDP Multicast (Azure doesn't support Multicast - I though this could be impacting the communication between nodes, but It was a shot in the dark).

Thanks for your help,

Artur Baruchi
(5.13 KiB) Not downloaded yet
Posts: 19
Joined: Thu Apr 18, 2019 4:50 pm

Wed May 26, 2021 8:25 am Change Time Zone

In recent versions of HPCC access to dali is protected with a whitelist. You will need to add an exception for the azure cluster to the whitelist.

See and linked issues for more details.

In future versions (probably 8.4) the need to directly connect to dali will be removed and the remote copying will be routed through esp.
Community Advisory Board Member
Community Advisory Board Member
Posts: 199
Joined: Wed May 18, 2011 9:48 am

Wed May 26, 2021 8:31 am Change Time Zone


this is being caused by Dali's AllowList mechanism, which prevents unknown/unauthorized clients from accessing Dali meta data (this feature was added in version 7.4).

By default only clients within the same environment are permitted (they are implicitly added to the AllowList).

However you can add other clients to the AllowList, or disable the feature.
To disable the feature, you would need to add:
<AllowList enabled="false"/>

as a property under DaliServerProcess in the environment.xml

There is more info in the HPCC Systems® Administrator's Guide, under the section 'The AllowList in Dali'.

Hope that helps.
Community Advisory Board Member
Community Advisory Board Member
Posts: 82
Joined: Tue Jul 19, 2011 12:58 pm

Thu May 27, 2021 1:53 pm Change Time Zone


Thanks for your replies. Looks like, after adding the ESP server in White List, the error disappeared. I still not able to copy the index, but I think it is a different error now. I'm investigating the problem right now, however, I really appreciate your help.

Posts: 19
Joined: Thu Apr 18, 2019 4:50 pm

Return to Installation

Who is online

Users browsing this forum: Google [Bot] and 1 guest