Exception manegement application block can't write to Windows server 2003

Discussion in 'ASP .Net Security' started by Lucas, Dec 3, 2003.

  1. Lucas

    Lucas Guest

    Hi,
    I have posted a similar question to ASP.Net newsgroup but I found the "EMAB,
    Impersonation and Event log" question here and decided to ask my question
    again.
    I saw the solution proposed in
    http://support.microsoft.com/default.aspx?scid=KB;EN-US;Q329291
    but I'm not trying to create any new Eventy Source (just the one created by
    EMAB that was created by me vis installutil).
    So my problem seems to be about writing. Here is a description:

    I have an ASP.Net application written with VS.Net 2002 (Net FWK 1.0). This
    Web Application uses Exception Management Application Block to log Events to
    Windows Event Log. We registered the Exception Management Application Block
    using installutil.
    Our Application uses impersonation and used to work fine on Windows 2000
    Server.

    Now we installed it on a Windows Server 2003 and when an exception is
    raised, we get an "Access is denied" error when the application tries to log
    the Exception to Event Log.

    At the bottom you'll find the Stack Trace.

    Any idea will be welcome

    LucasC

    Win32Exception (0x80004005): Access is denied]

    [InvalidOperationException: Cannot open log for source {0}. You may not have
    write access.]
    System.Diagnostics.EventLog.OpenForWrite() +366
    System.Diagnostics.EventLog.WriteEvent(Int32 eventID, Int16 category,
    EventLogEntryType type, String[] strings, Byte[] rawData) +280
    System.Diagnostics.EventLog.WriteEntry(String message, EventLogEntryType
    type, Int32 eventID, Int16 category, Byte[] rawData) +463
    System.Diagnostics.EventLog.WriteEntry(String source, String message,
    EventLogEntryType type, Int32 eventID, Int16 category, Byte[] rawData) +68
    System.Diagnostics.EventLog.WriteEntry(String source, String message,
    EventLogEntryType type, Int32 eventID, Int16 category) +21
    System.Diagnostics.EventLog.WriteEntry(String source, String message,
    EventLogEntryType type, Int32 eventID) +15
    System.Diagnostics.EventLog.WriteEntry(String source, String message,
    EventLogEntryType type) +11

    Microsoft.ApplicationBlocks.ExceptionManagement.DefaultPublisher.WriteToLog(
    String entry, EventLogEntryType type) +33

    Microsoft.ApplicationBlocks.ExceptionManagement.DefaultPublisher.Publish(Exc
    eption exception, NameValueCollection additionalInfo, NameValueCollection
    configSettings) +1758

    Microsoft.ApplicationBlocks.ExceptionManagement.ExceptionManager.PublishInte
    rnalException(Exception exception, NameValueCollection additionalInfo) +76

    Microsoft.ApplicationBlocks.ExceptionManagement.ExceptionManager.Publish(Exc
    eption exception, NameValueCollection additionalInfo) +1934
    Lucas, Dec 3, 2003
    #1
    1. Advertising

  2. Lucas

    MSFT Guest

    Hi Lucas,

    As you mentioned, "Our Application uses impersonation and used to work fine
    on Windows 2000 Server.". Can you tell more detail about this? What is the
    account your ASP.NET will use to write the log on windows 2000? On the
    Windows 2003 server, you can change the ASP.NET configration to make it use
    System account. Will this work?

    Luke
    Microsoft Online Support

    Get Secure! www.microsoft.com/security
    (This posting is provided "AS IS", with no warranties, and confers no
    rights.)
    MSFT, Dec 4, 2003
    #2
    1. Advertising

  3. Lucas

    Lucas Guest

    Hi Luke,
    I'm trying to run my ASP.Net application over Windows server 2003.
    Our application uses impersonate=true. I tested it with both SYSTEM and
    machine user account in processmodel of machine.config.
    I also test it changing the identity of the application pool to SYSTEM.
    As I'm impersonating I tried granting my user full control over Event Log
    registry account and Event Log folder, but nothing happens.
    Always the same problem trying to write to Application Event Log. The Event
    Log Source was created previously (using installutil with and administrator
    account) so I'm just trying to write events.
    The only way I found to make it work is when my user (the one I use to
    access the application, remember I'm impersonating) belongs to local
    Administrators group (but this is not a valid scenario)

    As I said above, I'm trying to run my Application over a Windows Server
    2003. The same application works fine in Windows 2000 Server.

    Thanks

    LucasC


    "MSFT" <> escribió en el mensaje
    news:8%...
    > Hi Lucas,
    >
    > As you mentioned, "Our Application uses impersonation and used to work

    fine
    > on Windows 2000 Server.". Can you tell more detail about this? What is the
    > account your ASP.NET will use to write the log on windows 2000? On the
    > Windows 2003 server, you can change the ASP.NET configration to make it

    use
    > System account. Will this work?
    >
    > Luke
    > Microsoft Online Support
    >
    > Get Secure! www.microsoft.com/security
    > (This posting is provided "AS IS", with no warranties, and confers no
    > rights.)
    >
    Lucas, Dec 4, 2003
    #3
  4. Lucas

    MSFT Guest

    Hi Lucas,

    I suggest you may trace the permission dennied error with some utilities,
    for exmaple, regmon and filemon. They can record all behaviors access files
    and registry entries. You may check the access denied error in their log
    file to see if we can locate the resource which cause the permission issue.
    For more information on these utilities, you can browse to:

    www.systeminternals.com

    Luke
    Microsoft Online Support

    Get Secure! www.microsoft.com/security
    (This posting is provided "AS IS", with no warranties, and confers no
    rights.)
    MSFT, Dec 5, 2003
    #4
  5. Lucas

    Lucas Guest

    Thanks Luke,

    I tryed RegMon
    I get just a few Access Denied for

    Process: w3wp.exe:2676
    Request: OpenKey
    Path: HKCU\Control Panel\International
    Result: ACCDENIED
    Other: MyDomain\MyUser

    Does this tell you something? I test it in a new (clear) Windows Server 2003
    environment. And the result was the same.
    I'll test with fileMon.

    Thanks

    Lucas C




    "MSFT" <> escribió en el mensaje
    news:eek:...
    > Hi Lucas,
    >
    > I suggest you may trace the permission dennied error with some utilities,
    > for exmaple, regmon and filemon. They can record all behaviors access

    files
    > and registry entries. You may check the access denied error in their log
    > file to see if we can locate the resource which cause the permission

    issue.
    > For more information on these utilities, you can browse to:
    >
    > www.systeminternals.com
    >
    > Luke
    > Microsoft Online Support
    >
    > Get Secure! www.microsoft.com/security
    > (This posting is provided "AS IS", with no warranties, and confers no
    > rights.)
    >
    Lucas, Dec 5, 2003
    #5
  6. Lucas

    MSFT Guest

    Hi Lucas,

    You may temporarily grant full control to everyone on this registry entry
    to see if it will help on the issue. For filemon, if you find any
    permission denied error on a special folder, you also can try to grant full
    control to see if it will help.

    Luke
    Microsoft Online Support

    Get Secure! www.microsoft.com/security
    (This posting is provided "AS IS", with no warranties, and confers no
    rights.)
    MSFT, Dec 8, 2003
    #6
  7. Lucas

    Ciaran Guest

    (MSFT) wrote in message news:<OsatL$>...
    > Hi Lucas,
    >
    > You may temporarily grant full control to everyone on this registry entry
    > to see if it will help on the issue. For filemon, if you find any
    > permission denied error on a special folder, you also can try to grant full
    > control to see if it will help.
    >
    > Luke
    > Microsoft Online Support
    >
    > Get Secure! www.microsoft.com/security
    > (This posting is provided "AS IS", with no warranties, and confers no
    > rights.)


    Hi All,

    I have the same problem and I've been reading and implementing your
    posts. Still no luck. The funny thing is this issue only arose after
    I installed the SQL Server 2000 July 2003 Cumulative Patch. I'm running
    Windows 2003. Any ideas ?

    Ciaran
    Ciaran, Jan 6, 2004
    #7
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Lucas
    Replies:
    7
    Views:
    1,873
    mattsmith321
    Dec 6, 2003
  2. Scott Zabolotzky
    Replies:
    0
    Views:
    739
    Scott Zabolotzky
    Apr 14, 2004
  3. =?Utf-8?B?SGVnZGVT?=
    Replies:
    0
    Views:
    339
    =?Utf-8?B?SGVnZGVT?=
    Sep 15, 2004
  4. morrell
    Replies:
    1
    Views:
    934
    roy axenov
    Oct 10, 2006
  5. Scott Zabolotzky

    App can't write to EventLog on Windows Server 2003

    Scott Zabolotzky, Apr 16, 2004, in forum: ASP .Net Security
    Replies:
    5
    Views:
    413
    Scott Zabolotzky
    Apr 19, 2004
Loading...

Share This Page