Re: Unable to access Security Event Log Windows 2003 Stand alone

I have never tried that but make sure that you logoff the user and logon
again which may need a reboot in your case. You can also enable auditing of
privilege use for failure to see if the account lacks any needed user rights
by looking in the security log for failure events. --- Steve

"ssnodgra" <ssnodgra@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
>I have an app that cannot access the Security Event Log. It runs as a
> and does not have probs accessing the application or system log. The
> service
> is running as the administrator user. Tried it with multiple users and the
> system account. The error that get loged is Windows error code : 1722
> Win32Exception: Lookupaccountsid: 1722. I used secpol to make sure that
> administrator has the Manage auditing and security log right. I used the
> resource kit ntrights tool to give the administrator the
> SeSecurityPrivilege.
> Its interesting that I can run whoami /all and it shows that Manage
> auditing
> and security log is disabled. Any ideas? Thanks in advance.
> Frustrated...


Relevant Pages

  • Re: Monitor User Remotely.
    ... activity, auditing of process tracking on ... remotely via administrator share, and folder files have creation timestamps ... he can clear the security log. ... > Is there any way we can remotely monitor him, ...
  • Re: Grey screen after login to 2003 TS
    ... Anything in the EventLog, especially the security log? ... I believe that this can happen when users have too few permissions on ... Run them as administrator (when no user ... MCSE,CCEA, Microsoft MVP - Terminal Server ...
  • Re: Is there a way to query Security Event Log with Filter in C#?
    ... I am login as an administrator on my Win2k server. ... have over 55k of entries in Security log in Event Viewer. ... ManagementObjectSearcher mos = new ManagementObjectSearcher; ... foreach ) ...
  • Re: Server 2003 updates fail
    ... Some how the administrators was removed from Manage auditing and security log in the local security setting. ... > Please verify permissions on the following rights include the built-in ... I was log on as the administrator when getting ...
  • Re: Monitor the Adminstrator
    ... You can't realistically restrict an administrator. ... and a malicious administrator could modify the security log. ... See the link below on auditing. ... For starts it is a good idea to at least audit ...