Re: Unable to access System & Application logs
From: Onno B. (OnnoB_at_discussions.microsoft.com)
Date: 05/03/05
- Next message: nmicheli: "Device Object Security Group Policy"
- Previous message: Thomas W Shinder [MVP]: "Re: Proxy Server Authentication Vs ISA Server"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 3 May 2005 04:49:05 -0700
Hi there, I also have about the same problem, cannot access eventlogs
remotely, however they are accessible local on the server. Messages is
"access is denied" when trying to open one of the eventlogs from another
machine.
Also 'just happended after an reboot' ...
-- MCSE Admin for medium organisation "Amit Kaushal" wrote: > Hi Steve, > > Thanks, as suggested by you, i went and checked the permissions for > administrator they are correct :-( anything else ? > > Pls check the link below and suggest if i should try it : > > http://www.windowsnetworking.com/kbase/WindowsTips/WindowsNT/AdminTips/EventLogs/HowtoDeleteCorruptEventViewerLogFiles.html > > It suggests this Assuming the .evt files is corrupt: > One of the .evt files is corrupt. You will not be able to rename or > delete Sysevent.evt, Appevent.evt, or Secevent.evt since they are > always in use by the system. The EventLog service cannot be stopped > because it is required by other services. If you can start a registry > editor locally or if you have remote registry access, change the > HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Start > value from 0x02 to 0x04 and reboot. Various services will fail at > reboot. Delete the event logs, %SystemRoot%\system32\config\*.evt. > Change the Start value back to 0x02 and reboot. The system will > automatically generate new, clear logs. > > > > BTW the servers are in a production environment. > > Best Regards > amit > > > > "Steven L Umbach" <n9rou@n0-spam-for-me-comcast.net> wrote in message news:<f4GdnbGfa_9t_5HfRVn-jQ@comcast.com>... > > See if you can clear those logs, which you may be able to do even if you can > > not access them in case of corruption though that would be unusual for that > > to happen to both dc's at the same time. Check the group membership of your > > account to make sure it is not a member of the guests group as guests may be > > blocked from accessing those logs by Group Policy [stranger things have > > happened]. Check the ntfs permissions on the .evt logs on the dc's to make > > sure administrators have allow permissions and no deny permissions. --- > > Steve > > > > > > "Amit Kaushal" <amit@billdesk.com> wrote in message > > news:4c63c8fc.0502102146.31beecfa@posting.google.com... > > > Hi, > > > > > > I have a windows 2000 domain with 2 DC's, both of them have SP4 > > > installed. > > > > > > After i did a reboot about 2 days, back i am unable to access the > > > System & Application logs on both the servers. I am logged in as the > > > administrator. > > > I can view the security log, Directory service, DNS server and File > > > Replication service without any issues. I am unable to access the > > > above mentioned 2 logs even if i am accessing them from the server. > > > > > > > > > Any pointers/ help will be highly appreciated. > > > > > > TIA > > > Best Regards > > > amit kaushal > > > amit@billdesk.com >
- Next message: nmicheli: "Device Object Security Group Policy"
- Previous message: Thomas W Shinder [MVP]: "Re: Proxy Server Authentication Vs ISA Server"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
