RE: Permission denied when writing to eventlog from global.asa

From: Jonas Back (jonasback_at_noway.com)
Date: 06/10/05

  • Next message: WenJun Zhang[msft]: "RE: Permission denied when writing to eventlog from global.asa"
    Date: Fri, 10 Jun 2005 01:33:03 -0700
    
    

    It's solved! Thank you very much for pointing me to the right direction.

    After trying to allow some more SIDs to write to the eventlog
    (IWAM_SERVERNAMNE, IUSR_SERVERNAME, LOCALSYSTEM) but still didn't get it to
    work I finally realized that I earlier allowed the Anonynous (AN) to write to
    the log:
    (D;;0xf0002;;;AN)
    but it should have been Built-In Guests (BG):
    (A;;0xf0002;;;BG)
    And then it worked!

    So, the solution to allow Domain Users to write to the Event Log and also
    Built-In-groups which is used on Session_OnEnd, we now have the following
    string and it works perfect!
    O:BAG:SYD:(D;;0xf0007;;;AN)(A;;0xf0002;;;BG)(A;;0xf0007;;;SY)(A;;0x7;;;BA)(A;;0x7;;;SO)(A;;0x3;;;IU)(A;;0x3;;;SU)(A;;0x3;;;S-1-5-3)(A;;0x2;;;S-1-5-21-1235689106-1791386253-4322286387-513)

    Thanks again for helping out. Hopefully in the next version of Windows they
    will make it easier to administrate rights to the event log.

    ""WenJun Zhang[msft]"" wrote:

    > Maybe this is caused by a known bug. In Seesion_OnEnd, the running
    > context could be reverted to process identity - i.e:
    > IWAM_<servername> or Local System.
    >
    > BUG: Session_OnEnd Changes Security Context of InProcess Component
    > http://support.microsoft.com/kb/q243828/
    >
    > Best regards,
    >
    > WenJun Zhang
    > Microsoft Online Partner Support
    >
    > This posting is provided "AS IS" with no warranties, and confers no
    > rights.
    >
    >


  • Next message: WenJun Zhang[msft]: "RE: Permission denied when writing to eventlog from global.asa"