Cannot join Workflow Farm (Add-WFHost)

Question

I have recently

1. installed Workflow Manager Cumulative Update 2
2. Upgraded Server Bus from 1.0 to 1.1

Now when I try to join the WF Farm, I get a 401 error saying

The remote server returned an error: (401) Unauthorized. Manage claim is required for this operation...

The interesting thing is that I can join SB Farm just fine, but just not the WF Farm.

Here's the output from WF PowerShell:

PS C:\Program Files\Workflow Manager\1.0> Add-WFHost -WFFarmDBConnectionStringData 'Source=sqlserver;Initial Catalog=WFManagement;Integrated Security=True;Encryt=False' -RunAsPassword $RunAsPassword -EnableFirewallRules $true -SBClientConfiguration $SBClientConfiguration -CertificateAutoGenerationKey $CertificateAutoGenerationKey -Verbose;

VERBOSE: [04-05-2015 07:05:32]: Validating input and configuration parameters.
VERBOSE: [04-05-2015 07:05:33]: Installing auto-generated certificate.
VERBOSE: [04-05-2015 07:05:36]: Granting 'Log on as Service' privilege to the RunAs account.
VERBOSE: [04-05-2015 07:05:36]: Workflow Manager configuration starting.
VERBOSE: [04-05-2015 07:05:37]: Configuring Workflow Manager runtime settings.
Add-WFHost : The remote server returned an error: (401) Unauthorized. Manage cl
aim is required for this operation..TrackingId:653bd8b8-5061-4f3a-809a-cd7fd4b9
b665_Gunopsdk576903,TimeStamp:04-05-2015 05:05:38
At line:1 char:1
+ Add-WFHost -WFFarmDBConnectionString 'Data Source=sqlserver;Initial Catalog=WFM
ana ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~
    + CategoryInfo          : OperationStopped: (:) [Add-WFHost], Unauthorized
   AccessException
    + FullyQualifiedErrorId : WFRuntimeSettingFailed,Microsoft.Workflow.Deploy
   ment.Commands.AddWFHost

Any pointers?

Answer 1

After 2 days of struggle and name-calling, I finally have found the problem - WorkflowDefaultNamespace (which is Service Bus namespace) didn't have my account in ManageUsers list:

PS > Get-SBNamespace -Name WorkflowDefaultNamespace

SubscriptionId        : 00000000000000000000000000000000
State                 : Active
Name                  : WorkflowDefaultNamespace
AddressingScheme      : Path
CreatedTime           : 17-02-2015 14:31:09
IssuerName            : WorkflowDefaultNamespace
IssuerUri             : WorkflowDefaultNamespace
ManageUsers           : {wf@crp, johnsmith@crp}
DnsEntry              :
PrimarySymmetricKey   : ******************************
SecondarySymmetricKey :

Basically my account niaher@crp was not in the list.

Solution was simple:

Set-SBNamespace -Name WorkflowDefaultNamespace -ManageUsers @('wf@crp', 'johnsmith@crp', 'niaher@crp')

Now I could Add-WFHost and join the farm successfully. If only I could get my 2 days back...