RE: Permission denied when writing to eventlog from global.asa

From: Jonas Back (jonasback_at_noway.com)
Date: 06/10/05

  • Next message: WenJun Zhang[msft]: "RE: Permission denied when writing to eventlog from global.asa" 
    Date: Fri, 10 Jun 2005 01:33:03 -0700

    It's solved! Thank you very much for pointing me to the right direction.

    After trying to allow some more SIDs to write to the eventlog
    (IWAM_SERVERNAMNE, IUSR_SERVERNAME, LOCALSYSTEM) but still didn't get it to
    work I finally realized that I earlier allowed the Anonynous (AN) to write to
    the log:
    (D;;0xf0002;;;AN)
    but it should have been Built-In Guests (BG):
    (A;;0xf0002;;;BG)
    And then it worked!

    So, the solution to allow Domain Users to write to the Event Log and also
    Built-In-groups which is used on Session_OnEnd, we now have the following
    string and it works perfect!
    O:BAG:SYD:(D;;0xf0007;;;AN)(A;;0xf0002;;;BG)(A;;0xf0007;;;SY)(A;;0x7;;;BA)(A;;0x7;;;SO)(A;;0x3;;;IU)(A;;0x3;;;SU)(A;;0x3;;;S-1-5-3)(A;;0x2;;;S-1-5-21-1235689106-1791386253-4322286387-513)

    Thanks again for helping out. Hopefully in the next version of Windows they
    will make it easier to administrate rights to the event log.

    ""WenJun Zhang[msft]"" wrote:

    > Maybe this is caused by a known bug. In Seesion_OnEnd, the running
    > context could be reverted to process identity - i.e:
    > IWAM_<servername> or Local System.
    >
    > BUG: Session_OnEnd Changes Security Context of InProcess Component
    > http://support.microsoft.com/kb/q243828/
    >
    > Best regards,
    >
    > WenJun Zhang
    > Microsoft Online Partner Support
    >
    > This posting is provided "AS IS" with no warranties, and confers no
    > rights.
    >
    >

  • Next message: WenJun Zhang[msft]: "RE: Permission denied when writing to eventlog from global.asa"

    Relevant Pages

    • Re: Windows Service AutoStart Problem (C#)
      ... > I have a problem on some machines to AutoStart a very simple windows service. ... > It just logs a line in the event log when the OnStart and OnStop occurs. ... > Event Source: Service Control Manager ... I think the problem may be that you try to write to the EventLog but the ...
      (microsoft.public.dotnet.framework.windowsforms)
    • Re: Development of event log message file
      ... registry info is because the Application entry in the registry for the ... EventLog Service does not have a key for an EventMessageFile. ... The original reason for the post was to ask if there was a better way for ... To read the event log on a remote computer, which is what it sounds like you ...
      (microsoft.public.vsnet.general)
    • RE: Setting category / event ID when tracing in VS2008
      ... To learn how to specify category for the event log entry, ... Now we can create an installer (you can choose to add the installer to your ... Public Class MyEventLogInstaller ... Now we can use the EventLog class in .NET Framework to write an event log ...
      (microsoft.public.dotnet.languages.vb)
    • RE: .NET 1.1 created event log has only "Not available" properties
      ... are several missing registry values for the .NET created event logs. ... I understanding you're using the EventLog class to ... write entries into custom eventlog in .net 1.1 application. ... // Write an informational entry to the event log. ...
      (microsoft.public.dotnet.framework)
    • Re: Security Exception with Enterprise Library Data Block
      ... >> trouble is I have no idea what the event log sink is ... >> anything with the event log. ... >> Jonathan Crawford ... >>> if your isp allows access to the eventlog, ...
      (microsoft.public.dotnet.framework.aspnet)