|
security
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
Access denied logging to event log on Windows Server 2003exceptions from an ASP application to the event log. However on Windows Server 2003 were getting an access denied error which is outlined below. As per other recommendations I've done the following 1) Made sure the relevant event log sources are created at installation time and not runtime i.e. using InstalUtil on the assembly. 2) Used reg mon and file mon to monitor security activity. I didn't see any obvious access denied or failure type events being raised at the time of the error 3) Changed the identify of the default application pool used for the ASP application using all available options e.g. network service, local service, local system and the IWAM account. Any help would be much appreciated. ********************************************* Exception Type: System.InvalidOperationException Message: Cannot open log for source {0}. You may not have write access. TargetSite: Void OpenForWrite() HelpLink: NULL Source: System StackTrace Information ********************************************* at System.Diagnostics.EventLog.OpenForWrite() at System.Diagnostics.EventLog.WriteEvent(Int32 eventID, Int16 category, EventLogEntryType type, String[] strings, Byte[] rawData) at System.Diagnostics.EventLog.WriteEntry(String message, EventLogEntryType type, Int32 eventID, Int16 category, Byte[] rawData) at System.Diagnostics.EventLog.WriteEntry(String source, String message, EventLogEntryType type, Int32 eventID, Int16 category, Byte[] rawData) at System.Diagnostics.EventLog.WriteEntry(String source, String message, EventLogEntryType type, Int32 eventID, Int16 category) at System.Diagnostics.EventLog.WriteEntry(String source, String message, EventLogEntryType type, Int32 eventID) at System.Diagnostics.EventLog.WriteEntry(String source, String message, EventLogEntryType type) at Tranmit.ApplicationBlocks.ExceptionManagement.DefaultPublisher.WriteToLog(String entry, EventLogEntryType type) at Tranmit.ApplicationBlocks.ExceptionManagement.DefaultPublisher.Publish(Exception exception, NameValueCollection additionalInfo, NameValueCollection configSettings) at Tranmit.ApplicationBlocks.ExceptionManagement.ExceptionManager.PublishInternalException(Exception exception, NameValueCollection additionalInfo) at Tranmit.ApplicationBlocks.ExceptionManagement.ExceptionManager.Publish(Exception exception, NameValueCollection additionalInfo) at Tranmit.ApplicationBlocks.ExceptionManagement.ExceptionManager.Publish(Exception exception) at Tranmit.Sprinter.Import.SprinterEntityImport.SprinterDocumentImport.Start(IJob context, XmlNode jobStepConfigurationNode) at Tranmit.Sprinter.Import.SprinterDocumentImport.Interop.SprinterDocumentImportFactory.StartImport(DocumentType documentType, DocumentStatus startStatus) 3) Exception Information ********************************************* Exception Type: System.ComponentModel.Win32Exception NativeErrorCode: 5 ErrorCode: -2147467259 Message: Access is denied TargetSite: NULL HelpLink: NULL Source: NULL Matt wrote on Wed, 19 Apr 2006 13:22:17 +0100:
Show quoteHide quote > I had the same thing, but I can't remember exactly how I fixed it. I think > Were using the microsoft exception management application block to log > .NET exceptions from an ASP application to the event log. However on > Windows Server 2003 were getting an access denied error which is outlined > below. > > As per other recommendations I've done the following > > 1) Made sure the relevant event log sources are created at installation > time and not runtime i.e. using InstalUtil on the assembly. > 2) Used reg mon and file mon to monitor security activity. I didn't see > any obvious access denied or failure type events being raised at the time > of the error > 3) Changed the identify of the default application pool used for the ASP > application using all available options e.g. network service, local > service, local system and the IWAM account. it was something to do with adjusting group policy to allow the identities that IIS is running under for each site to have write permissions to the event log. I'll keep digging and try to find the instructions I used a couple of months ago when I got my server handling this correctly (albeit using ASP and CGI rather than ASP.NET). Dan Daniel wrote to Matt Adamson on Wed, 19 Apr 2006 14:26:24 +0100:
Show quoteHide quote > Matt wrote on Wed, 19 Apr 2006 13:22:17 +0100: http://support.microsoft.com/default.aspx?scid=kb;en-us;323076> >> Were using the microsoft exception management application block to log >> .NET exceptions from an ASP application to the event log. However on >> Windows Server 2003 were getting an access denied error which is outlined >> below. >> >> As per other recommendations I've done the following >> >> 1) Made sure the relevant event log sources are created at installation >> time and not runtime i.e. using InstalUtil on the assembly. >> 2) Used reg mon and file mon to monitor security activity. I didn't see >> any obvious access denied or failure type events being raised at the time >> of the error 3) Changed the identify of the default application pool used >> for the ASP application using all available options e.g. network service, >> local service, local system and the IWAM account. > > I had the same thing, but I can't remember exactly how I fixed it. I think > it was something to do with adjusting group policy to allow the identities > that IIS is running under for each site to have write permissions to the > event log. I'll keep digging and try to find the instructions I used a > couple of months ago when I got my server handling this correctly (albeit > using ASP and CGI rather than ASP.NET). > > Dan Basically, you need to create SDDL entries to allow the appropriate accounts write access to the application event log. Dan |
|||||||||||||||||||||||
Other interesting topics