After reading your post, I recreated the situation in a test environment. Other than re-installing, I found the following to work -
1) If not already, make the VirtualCenter server a member of a domain
2) Run DCPromo, and promote the VirtualCenter server to a Domain Controller. This will remove/disable the "Local Users and Groups", therefore the "Users" group assigned Read-Only permissions is no longer valid.
3) Reboot and log back in to the VirtualCenter server, and verify that only the "DOMAIN\Domain Admins" group has Administrator permissions
4)Re-run DCPromo, and remove the Domain Controller functionality from the VirtualCenter server (this will re-enable the Local Users and Groups). This will prompt you for a new Local Administrator account password
5)Reboot and login again to the VirtualCenter server as a Domain Admin, and grant the LOCAL administrator account "Administrators" VirtualCenter permission(s)/Role
6) You should now be good-to-go.
Granted, this method is fairly time-consuming but it will at least prevent you from having to re-install ESX. I suppose another option is, if you happen to have multiple VirtualCenter servers, is to add the ESX host to another VirtualCenter server/datacenter/whatever.