Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Error when reading Event viewer security log

Posted on 2004-03-30
6
Medium Priority
?
1,674 Views
Last Modified: 2007-12-19
While logged in on W2K server w/Exchange 2k installed and working fine, all of a sudden I am unable to view my Security Log in event viewer.  All other logs are fine.

I receive a message "unable to complete the operation on "Security Log"
"A required privilege is required by the client"

What does this mean?  I trying logging on as administrator or exch admin and get the same message.  thanks.
0
Comment
Question by:jlagasse
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 30

Expert Comment

by:Rich Weissler
ID: 10714947
One possibility:

http://support.microsoft.com/?kbid=272587
This behavior can occur if the Administrators group has been removed from the "Backup Files and Directories" user right.
0
 
LVL 85

Expert Comment

by:oBdA
ID: 10715815
Another thing to look at: Start secpol.msc, go to Local Policies\User Rights Assignment; make sure the Administrators group is still listed under under "Manage auditing and security log" (by default this is the only group that has this right).
0
 

Author Comment

by:jlagasse
ID: 10716293
I took a look at that and the Administrators Group is correctly set.  Admin group also has rights to "Backup Files and Directories".  Why would this suddenly occur?
0
Will your db performance match your db growth?

In Percona’s white paper “Performance at Scale: Keeping Your Database on Its Toes,” we take a high-level approach to what you need to think about when planning for database scalability.

 
LVL 30

Accepted Solution

by:
Rich Weissler earned 375 total points
ID: 10717132
I see it fairly often when I log in as an administrator of a trusted domain, but not as an account which is defined explictly as the administrator on the machine I'm administring.  That probably doesn't help you though.

Something had to have changed... make certain your admin account is still actually a member of the admin group.  Check to see if it is a member of any OTHER groups, and make certain the other groups aren't denied permissions.

Make certain you still have permissions to c:\windows\system32\config.

Make certain the SecEvent.evt file isn't corrupt.  (I.e. Disable event log service, reboot, rename the file, reenable the event log service, reboot.)  See if you can see the Security Event Log now...
0
 

Expert Comment

by:CCNI
ID: 10883021
I had this same problem and found the resolution here.  You're gonna laugh at yourself like I did to myself.

Take "GUESTS" out of the members of list.  

Guests don't have rights to the event logs

:-)
0
 

Author Comment

by:jlagasse
ID: 10884123
What lists?  I am able to see all other event logs except Security.  Thanks.
0

Featured Post

[Webinar] Lessons on Recovering from Petya

Skyport is working hard to help customers recover from recent attacks, like the Petya worm. This work has brought to light some important lessons. New malware attacks like this can take down your entire environment. Learn from others mistakes on how to prevent Petya like worms.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When it comes to security, there are always trade-offs between security and convenience/ease of administration. This article examines some of the main pros and cons of using key authentication vs password authentication for hosting an SFTP server.
When you try to share a printer , you may receive one of the following error messages. Error message when you use the Add Printer Wizard to share a printer: Windows could not share your printer. Operation could not be completed (Error 0x000006…
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

722 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question