RE: Cannot open log for source {0}. You may not have write access.

From: JimM (JimM_at_noemail.nospam)
Date: 08/16/05

Date: Tue, 16 Aug 2005 11:09:05 -0700

I am also having the same problem in the pervious thread and I have done
every step suggested, but I am still getting the problem. I run my ASP.NET
application and services on a Windows Server 2003 (unknown if SP1 applied).
Both the application and services runn in different Application Pools with
unique identities.

I have run both Regmon and Filemon. I do not see any Access Denied error
via the Regmon. I also do not see any opens, or writes to the .EVT file for
the log. What I have noticed if I change the identity from the unique
accounts to the NETWORK_SERVICES, the Eventlog write succeeds.

Now the accounts used in the application pool were created by copying the
NETWORK_SERVICE account and the Local Security settings were addjusted to add
these unique accounts to the same locations and setting where the
NETWORK_SERVICE account existed. I may have missed something, but what.

Does anyone have an idea where I should look next.


"Magdelin" wrote:
> Hi,
> I have hosted my .NET Remote application in IIS 6.0 on Win2K3. Application 
> performs "Basic" authentication and identity is impersonated in web.config 
> file. Errors and exceptions from the .net remote application are logged to a 
> custom event log on the application server on which the application is 
> hosted. The error logging fails with the message "Cannot open log for source 
> {0}. You may not have write access.". 
> Registry on the server already has a  Key for both the custom event log and 
> custom event source. I have granted read/write permission to the 
> HKLM/CurrentControlSet/Services/Event log key in the registry and all its 
> subkeys to all the users who might probably get impersonated in the 
> application. I have also granted read/write permission to the above mentioned 
> users for the <customeventlog>.evt file within the 
> c:\windows\system32\config. 
> But, the application still throws security exception with the message 
> "Cannot open log for source {0}. You may not have write access." whenever the 
> application tries to write the custom event log.
> What would the minimum set of permissions that have to be granted to the 
> impersonated users in ASP.NET application to allow the users to be able to 
> write to custom event logs setup on application/web server?
> Any quick response or pointers would be greatly appreciated.
> Thanks in advance.
> Magdelin