Re: Cannot read a Security Log from ASP.net web service

From: Chris Rolon (crolon_at_hotmail.com)
Date: 05/25/04 

Date: Tue, 25 May 2004 06:11:17 -0700

The user account that ASP .Net runs under on the 1.1 framework is "Network
Service". Check to make certain that you have granted the right account the
necessary privileges. 

-- 
Chris Rolon
This posting is provided "AS IS" with no warranties, and confers no rights.
"Ian Wright" <ian-c-wright@msn.com> wrote in message
news:Of7U#XHQEHA.3052@TK2MSFTNGP12.phx.gbl...
> There are no events recorded in the either of the logs you mentioned that
> have to do with my problem.
>
> I looked at the Programming .NET Security book by Freeman and Jones.  In
> there, they point out that the security log requires a special permission
> ("Manage auditing and security log") in order to do certain operations (p.
> 514). Even after explicitly adding the ASPNET account to this user right
> group though, it still fails with the same error.  I've also added the
> ASPNET account with Full Control rights to the registry key for the
Services
> stuff to no avail.
>
> At this point, my hunch is that the functionality I need is broken as the
> result of a recent MS security patch.  The same error happens on both of
my
> WinXP machines.  I'll try a Win2K box tomorrow.  The thing that's so
> frustrating is that even by granting the ASPNET the highest privileges and
> access to the system, the web service cannot enumerate thru the log
> collection.  Perhaps service pack 2 addresses this bug.
>
> "Eric Marvets" <ericm@bangproject.com> wrote in message
> news:%23S$m8kFQEHA.632@TK2MSFTNGP12.phx.gbl...
> > Have you turned on auditing and looked at the security or even the
> > application log for a better error message?  I have had no problems
doing
> > this in the past.
> >
> > -- 
> > Eric Marvets
> > Principal Consultant
> >
> > the bang project
> >
> > <shameless self promotion>
> >
> > Email sales@bangproject.com for Information on Our Architecture and
> > Mentoring Services
> >
> > </shameless self promotion>
> >
> >
>
>

Relevant Pages

  • Risks Digest 25.73
    ... German electronic health card system failure ... Risks of the Cloud: Liquid Motors ... Oakland 2010, IEEE Symposium on Security and Privacy, CFP ... A friend's facebook account was hacked recently (a neat little short-term ...
    (comp.risks)
  • Re: SOS! IIS Stopped working completely!
    ... taking IWAM_Machine user out of the Guests Security group works! ... Does IWAM_Machine user needs to be a member of the guest account group? ... the ASPNET user account has access to write to the ...
    (microsoft.public.dotnet.framework.aspnet)
  • Re: MBSA, Office Update, Versions, Failures
    ... I apologize for posting this to three groups (MBSA, Windows Update, ... with Domain User account. ... Microsoft Baseline Security Advisor (? ... Office 2000 Security Patches - Red X's, ...
    (microsoft.public.officeupdate)
  • Re: write with cURL
    ... you can stop making excuses. ... up an account for you, process the billing, etc. ... possible features from a web site to make up for the security issues. ... Nothing you have told me shows me you know how to lock down a server ...
    (alt.php)
  • Re: Basic Authentication fails with Error 401.2 where Integrated s
    ... On the IIS directory security tab, anonymous access is disabled, digest ... authentication is disabled, integrated authentication is disabled and basic ... account created has full permissions for the folder and the file that's in it. ...
    (microsoft.public.inetserver.iis.security)
Quantcast