Thank you for contacting us.
Please check out this document as it looks like there is an issue with the role assignment configuration https://community.shavlik.com/docs/DOC-2213.
This will allow you to reset your role assignments.
Thanks for the reply. I will take a look at the document you mention and see if I can figure out the issue. In looking at the document, I am not sure it applies. I, as admin, still have access to the console. It is the user whose role I created who cannot open the application.
I ran the TSQL script, cleared users from Roles table. Still the exact same error. User roles is turned off in Protect, no users showing in the "Roles" box. In theory (as I recall anyway) any user who can access the Protect server should be able to open it and work within it if Roles are not enabled. They are not enabled, and it still fails. As admin, I can still access it and open it and work within.
Can you tell me if Protect should be automatically adding "Roles users" to the security permission on the Protect DB? I am finding that although I can connect to the DB via SSMS, even though I am a Protect admin, I have no upper level permissions on SQL. Unable to add users to DB, change roles within SQL, etc. I am unsure of how my associate installed Protect and SQL Express as I was out of the office at that time. But I am feeling like I am seeing a DB permissions issue.
In one of the Shavlik logs (ST.Protect.Managed.email@example.com) , I am seeing the following:
2017-04-27T14:59:56.6230689Z 0001 I Launcher.cs:348|'C:\Program Files\LANDESK\Shavlik Protect\ST.Protect.exe' is starting, version: 9.2.5119.0, full name: ST.Protect, Version=22.214.171.124, Culture=neutral, PublicKeyToken=19306d7375e33918.
2017-04-27T15:00:07.0453065Z 0001 W Connection.cs:501|Attempting to recover from a broken connection in the database connection pool. Attempt: 1, connection state: Closed, error: System.Data.SqlClient.SqlException (0x80131904): Cannot open database "Protect" requested by the login. The login failed.
Login failed for user 'VTS\dheiret'.
Can you confirm if my SQL permissions issue is confirmed?
Self reply to post resolution. Working with Ivanti support, we were able to determine that the users of the console need to proper SQL permissions, as well as being members of the local admins group on the machine Shavlik is running on. Protect console sets the permissions for Role users on SQL once Roles are enabled. The machine admin needs to add the required users to the local admins group. (Note to self: Be SURE you know how to log onto the console as a console admin prior to enabling roles. Also, add a back door admin user to the roles group so you can always get in.)