When trying to view Logs through Web Admin, the following message is displayed even when attempting to view the default SQL Channel Logs: "Your administrator needs to configure Log View Access for TPP logging"
When attempting to modify the MS SQL settings to rectify the issue you receive the following error message despite using Windows credentials: "Database: The provided credentials were not accepted by the server"
The default SQL Channel Log displays correctly if viewed from Windows Admin using the same credentials
This is typically because of the Impersonate Identity setting which is configured in IIS.
The default setting is for Impersonate Identity to be set to false - this means that when connecting to SQL the account attached to the application pool is used. If Impersonate Identity is set to true then the details contained within the identity setting in IIS are used. If these details are blank then IIS attempts to connect anonymously - you can see these as failed attempts in the Application event log on the SQL Server (assuming failed logins are audited - they are by default).
Set Impersonate Identity to False for the VEDAdmin container in IIS Manager.
1. Open IIS Manager
2. Expand Sites>Venafi and select VEDAdmin
3. Open Configuration Editor under Management.
4. Change the section drop-down to System.Web>Identity
5. Set the impersonate value to False.
6. Apply and reset IIS (run iisreset from an elevated command prompt).
Logs should now be viewable through the Web Admin Console.