Solved

Error when reading Event viewer security log

Posted on 2004-03-30
6
1,669 Views
Last Modified: 2007-12-19
While logged in on W2K server w/Exchange 2k installed and working fine, all of a sudden I am unable to view my Security Log in event viewer.  All other logs are fine.

I receive a message "unable to complete the operation on "Security Log"
"A required privilege is required by the client"

What does this mean?  I trying logging on as administrator or exch admin and get the same message.  thanks.
0
Comment
Question by:jlagasse
6 Comments
 
LVL 30

Expert Comment

by:Rich Weissler
ID: 10714947
One possibility:

http://support.microsoft.com/?kbid=272587
This behavior can occur if the Administrators group has been removed from the "Backup Files and Directories" user right.
0
 
LVL 84

Expert Comment

by:oBdA
ID: 10715815
Another thing to look at: Start secpol.msc, go to Local Policies\User Rights Assignment; make sure the Administrators group is still listed under under "Manage auditing and security log" (by default this is the only group that has this right).
0
 

Author Comment

by:jlagasse
ID: 10716293
I took a look at that and the Administrators Group is correctly set.  Admin group also has rights to "Backup Files and Directories".  Why would this suddenly occur?
0
VMware Disaster Recovery and Data Protection

In this expert guide, you’ll learn about the components of a Modern Data Center. You will use cases for the value-added capabilities of Veeam®, including combining backup and replication for VMware disaster recovery and using replication for data center migration.

 
LVL 30

Accepted Solution

by:
Rich Weissler earned 125 total points
ID: 10717132
I see it fairly often when I log in as an administrator of a trusted domain, but not as an account which is defined explictly as the administrator on the machine I'm administring.  That probably doesn't help you though.

Something had to have changed... make certain your admin account is still actually a member of the admin group.  Check to see if it is a member of any OTHER groups, and make certain the other groups aren't denied permissions.

Make certain you still have permissions to c:\windows\system32\config.

Make certain the SecEvent.evt file isn't corrupt.  (I.e. Disable event log service, reboot, rename the file, reenable the event log service, reboot.)  See if you can see the Security Event Log now...
0
 

Expert Comment

by:CCNI
ID: 10883021
I had this same problem and found the resolution here.  You're gonna laugh at yourself like I did to myself.

Take "GUESTS" out of the members of list.  

Guests don't have rights to the event logs

:-)
0
 

Author Comment

by:jlagasse
ID: 10884123
What lists?  I am able to see all other event logs except Security.  Thanks.
0

Featured Post

Portable, direct connect server access

The ATEN CV211 connects a laptop directly to any server allowing you instant access to perform data maintenance and local operations, for quick troubleshooting, updating, service and repair.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

PRTG Network Monitor lets you monitor your bandwidth usage, so you know who is using up your bandwidth, and what they're using it for.
For many of us, the  holiday season kindles the natural urge to give back to our friends, family members and communities. While it's easy for friends to notice the impact of such deeds, understanding the contributions of businesses and enterprises i…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

839 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question