The vSphere client could not connect to You do not have permission

I've added a local non root user but can't login through the vSphere client as anything other than root. Interstingly the user isn't in the authorization XML file. I'm not using SSO and I get an odd error when I try to disable lockdown mode (see below). What do I need to do to get around this?

~ # cat /etc/vmware/hostd/authorization.xml
<ConfigRoot>
  <ACEData id="10">
    <ACEDataEntity>ha-folder-root</ACEDataEntity>
    <ACEDataId>10</ACEDataId>
    <ACEDataIsGroup>false</ACEDataIsGroup>
    <ACEDataPropagate>true</ACEDataPropagate>
    <ACEDataRoleId>-1</ACEDataRoleId>
    <ACEDataUser>root</ACEDataUser>
  </ACEData>
  <ACEData id="11">
    <ACEDataEntity>ha-folder-root</ACEDataEntity>
    <ACEDataId>11</ACEDataId>
    <ACEDataIsGroup>false</ACEDataIsGroup>
    <ACEDataPropagate>true</ACEDataPropagate>
    <ACEDataRoleId>-1</ACEDataRoleId>
    <ACEDataUser>dcui</ACEDataUser>
  </ACEData>
  <ACEData id="12">
    <ACEDataEntity>ha-folder-root</ACEDataEntity>
    <ACEDataId>12</ACEDataId>
    <ACEDataIsGroup>false</ACEDataIsGroup>
    <ACEDataPropagate>true</ACEDataPropagate>
    <ACEDataRoleId>-1</ACEDataRoleId>
    <ACEDataUser>vpxuser</ACEDataUser>
  </ACEData>
  <NextAceId>13</NextAceId>
</ConfigRoot>
~ #
~ # vim-cmd -U dcui vimsvc/auth/lockdown_mode_exit
(vim.fault.AdminNotDisabled) {
   dynamicType = <unset>,
   faultCause = (vmodl.MethodFault) null,
   msg = "",
}
~ #