Error when reading Event viewer security log

While logged in on W2K server w/Exchange 2k installed and working fine, all of a sudden I am unable to view my Security Log in event viewer.  All other logs are fine.

I receive a message "unable to complete the operation on "Security Log"
"A required privilege is required by the client"

What does this mean?  I trying logging on as administrator or exch admin and get the same message.  thanks.
jlagasseAsked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
Rich WeisslerConnect With a Mentor Professional Troublemaker^h^h^h^h^hshooterCommented:
I see it fairly often when I log in as an administrator of a trusted domain, but not as an account which is defined explictly as the administrator on the machine I'm administring.  That probably doesn't help you though.

Something had to have changed... make certain your admin account is still actually a member of the admin group.  Check to see if it is a member of any OTHER groups, and make certain the other groups aren't denied permissions.

Make certain you still have permissions to c:\windows\system32\config.

Make certain the SecEvent.evt file isn't corrupt.  (I.e. Disable event log service, reboot, rename the file, reenable the event log service, reboot.)  See if you can see the Security Event Log now...
0
 
Rich WeisslerProfessional Troublemaker^h^h^h^h^hshooterCommented:
One possibility:

http://support.microsoft.com/?kbid=272587
This behavior can occur if the Administrators group has been removed from the "Backup Files and Directories" user right.
0
 
oBdACommented:
Another thing to look at: Start secpol.msc, go to Local Policies\User Rights Assignment; make sure the Administrators group is still listed under under "Manage auditing and security log" (by default this is the only group that has this right).
0
What Kind of Coding Program is Right for You?

There are many ways to learn to code these days. From coding bootcamps like Flatiron School to online courses to totally free beginner resources. The best way to learn to code depends on many factors, but the most important one is you. See what course is best for you.

 
jlagasseAuthor Commented:
I took a look at that and the Administrators Group is correctly set.  Admin group also has rights to "Backup Files and Directories".  Why would this suddenly occur?
0
 
CCNICommented:
I had this same problem and found the resolution here.  You're gonna laugh at yourself like I did to myself.

Take "GUESTS" out of the members of list.  

Guests don't have rights to the event logs

:-)
0
 
jlagasseAuthor Commented:
What lists?  I am able to see all other event logs except Security.  Thanks.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.