Re: Service, Requested registry access is not allowed

Actually, this isn't true. I have several .NET-based Windows services that
write to a custom event log and work fun running under Network Service.
Running with escalated privileges under the local System account is a bad
idea and something you should avoid if possible.

I'd suggest figuring out if this is an NT ACLs issue or something weird in
..NET that is causing the problem. Regmon and Filemon from Sysinternals can
quickly determine the former for you. Just look for an access denied
message when your service tries to write to the event source.

Joe K.

--
Joe Kaplan-MS MVP Directory Services Programming
Co-author of "The .NET Developer's Guide to Directory Services Programming"
http://www.directoryprogramming.net
--
"theking2" <theking2@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:089E07B1-D88A-43FB-9340-E10A02B21EA4@xxxxxxxxxxxxxxxx
Well basically I lied. I did not have the service logon as LocalSystem.
With
LocalSystem everything seems to work just fine. :-) So just a helpful hint
to
all service developers out there. If you plan to write to the (customized)
eventlog make sure the service is designed to run under LocalSystem
account.
In that case you don't even need the installer.

"theking2" wrote:

Yes I know there are a zillion threads about the security exception
"Requested registry access is not allowed" but I feel I went by the book
and
it still does not work.

I've written a Windows service using the Service Template in VSC#. The
Service needs to write to a customized eventlog. I also included a
Setup&deployment project and added an installer to the service project
installing the Eventlog. After the installer runs succesfully the
Eventlog
entry is available in the Registry. The services however cannot write
entries
to this eventlog, throwing the exception mentioned.
So the installer is run under Admin priv's and therefor can create the
eventlog. The service run under LocalSystem, LocalService, or
NetworkService
account cannot add to this eventlog. What is wrong here?


.

Relevant Pages

  • Re: Service, Requested registry access is not allowed
    ... I agree, Joe, it is not a great idea to elevate rights to circumvent access ... eventlog assuming that the user installing the service has appropriate ... In that case you don't even need the installer. ...
    (microsoft.public.dotnet.security)
  • Re: SCSI miniport-Custom Log messages
    ... Use this API-Functions for error logging in eventlog instead of your ... Make sure that you use the custom build step for your .mc file: ... Also make the necessary entries in the registry by your inf file. ... After installing this driver, an event is getting logged in the event log, ...
    (microsoft.public.development.device.drivers)
  • RE: EventLog Source still created after deleting all references to it
    ... I have deleted all references that I could find related to the source ... application log and not my custom log. ... > I created the EventLog using the component on VS 2003 toolbar ... > Added an installer for it. ...
    (microsoft.public.dotnet.languages.csharp)
  • Re: MMC-Programme etc. starten nicht bei Win2003
    ... Hast Du schon einmal probiert über das Netzwerk von einer Workstation aus auf das Eventlog zugriff zu erlangen? ... Irgend eine Meldung muss ja im Eventlog stehen. ... Eventuell ist ja der Installer Dienst defekt. ... macht man das von einer dedizierten Workstation aus. ...
    (microsoft.public.de.german.windows.server.general)
  • EventLog.Source & Service Programs
    ... I am writing a service program that writes to a custom EventLog. ...
    (microsoft.public.dotnet.languages.vb)