Win XP event log: Access denied

Discussion in 'ASP .Net Security' started by Stephane, Jan 17, 2005.

  1. Stephane

    Stephane Guest

    Hi,

    I have an ASP.NET web site using event log to log errors. My home server
    used to be Win 2000 and it has always worked fine. Few days ago, I installed
    Win XP and since then, I have security problems... Here's the error I get:

    System.Web.Services.Protocols.SoapException: Server was unable to process
    request. --> Cannot open log for source {0}. You may not have write access.
    --> Access is denied

    I don't know how to set permissions in Win XP to let ASPNET user write in
    event log.

    Any idea??

    Thanks,

    Stephane
    Stephane, Jan 17, 2005
    #1
    1. Advertising

  2. Stephane

    Stephane Guest

    Hi,

    After few other tests, it looks like it's any of my applications which are
    called by ASP.NET that are having trouble with event log. Here's the last
    error:

    System.InvalidOperationException: Cannot open log for source {0}. You may
    not have write access. ---> System.ComponentModel.Win32Exception: Access is
    denied

    I didn't have this problem on windows 2000. But since I'm on Win XP now, I
    have to solve this. I set full control to everyone on every drive of my
    computer and it still not working...

    Any idea of how to set permissions to write in event log in Win Xp?

    Thanks,

    Steph
    Stephane, Jan 17, 2005
    #2
    1. Advertising

  3. Stephane

    richlm Guest

    see http://support.microsoft.com/default.aspx?scid=kb;en-us;842795

    Yes the default registry permissions on XP/2003 are tighter than on 2000.

    The first time your app tries to write to the event log, it checks to see if
    an event source for your application (typically the application name)
    already exists. If not, it tries to create it.

    Event log sources are stored in the registry under:
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\...

    Changing file system permissions will have no effect on the registry. If you
    start regedit.exe and locate the registry key above, right click and select
    'Permissions' you can see which accounts do have access.
    You could just add the ASPNET account here, but this is a BAD idea because
    it will complicate deployment of your application and weaken security.

    The usual solution is to create the event source at installation time using
    EventLog.CreateEventSource (or the EventLogInstaller class). Installation
    will normally be done in the context of an administrator account.

    Here's a couple of links to get you started:
    http://msdn.microsoft.com/library/d...bwlkWalkthroughCreatingEventLogInstallers.asp
    http://msdn.microsoft.com/library/d...gyourapplicationassourceofeventlogentries.asp
    richlm, Jan 18, 2005
    #3
  4. Stephane

    Stephane Guest

    I solve my problem using impersonation in web.config like this...

    <identity impersonate="true" userName="stephane" password="12345"/>

    I guess this is not te best way, but at least it's working on my development
    server.

    Thanks,

    Steph

    "richlm" wrote:

    > see http://support.microsoft.com/default.aspx?scid=kb;en-us;842795
    >
    > Yes the default registry permissions on XP/2003 are tighter than on 2000.
    >
    > The first time your app tries to write to the event log, it checks to see if
    > an event source for your application (typically the application name)
    > already exists. If not, it tries to create it.
    >
    > Event log sources are stored in the registry under:
    > HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\...
    >
    > Changing file system permissions will have no effect on the registry. If you
    > start regedit.exe and locate the registry key above, right click and select
    > 'Permissions' you can see which accounts do have access.
    > You could just add the ASPNET account here, but this is a BAD idea because
    > it will complicate deployment of your application and weaken security.
    >
    > The usual solution is to create the event source at installation time using
    > EventLog.CreateEventSource (or the EventLogInstaller class). Installation
    > will normally be done in the context of an administrator account.
    >
    > Here's a couple of links to get you started:
    > http://msdn.microsoft.com/library/d...bwlkWalkthroughCreatingEventLogInstallers.asp
    > http://msdn.microsoft.com/library/d...gyourapplicationassourceofeventlogentries.asp
    >
    >
    >
    >
    Stephane, Jan 18, 2005
    #4
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. =?Utf-8?B?U3RlcGhhbmU=?=

    ASPNET can't write in event log on win XP

    =?Utf-8?B?U3RlcGhhbmU=?=, Jan 18, 2005, in forum: ASP .Net
    Replies:
    6
    Views:
    10,236
    navyjax2
    Oct 30, 2008
  2. Vikram
    Replies:
    0
    Views:
    753
    Vikram
    Apr 5, 2006
  3. JimLad
    Replies:
    0
    Views:
    604
    JimLad
    Jan 26, 2010
  4. Krist
    Replies:
    6
    Views:
    725
    Arne Vajhøj
    May 7, 2010
  5. Jaloha
    Replies:
    0
    Views:
    161
    Jaloha
    Jul 2, 2004
Loading...

Share This Page