Capture logon / logoff to remote server application log using objShell.LogEvent

I'm trying to capture domain user login and logout information using the script below.  The run through GP - User Configuration - Script (logon/logoff).  If logon as domain user, the script runs without error but will not write event to application log to server.  If domain user is given admin right to the server (where event is to be writen) it works fine.  I have give right to the application event log directory.   How can I make it work without giving admin right to the server?


Dim wshShell, wshNetWork
Dim strUserDomain, strUserName, strComputerName, strMsg
On Error Resume Next

Set wshShell = WScript.CreateObject("WScript.Shell")
Set wshNetWork = WScript.CreateObject("WScript.Network")

strUserDomain = wshNetWork.UserDomain
strUserName = wshNetWork.UserName
strComputerName = wshNetWork.ComputerName

strMsg = "User Name: '" & strUserName & "' ‚Client computer"  + _
" Name: '" & strComputerName & "'" + _
" User Domian: '" &strUserDomain & "'"

wshShell.LogEvent AUDIT_SUCCESS, strMsg, "\\uni_eng"
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Ady FootSharePoint ConsultantCommented:
You need to modify the permissions on the event log to allow Domain Users to write events:



Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Justin OwensITIL Problem ManagerCommented:
You probably need to give "Authenticated Users" both read (in order to traverse the folder) and write access to the folder which contains the file you are creating.  To test that theory, have it write to %logonfolder%\test\logfile.log (or whatever) and see if it will write without admin access.
Ady FootSharePoint ConsultantCommented:

Unless I've misunderstood, I believe the author is attempting to write directly to the application event log on the server.


Cloud Class® Course: MCSA MCSE Windows Server 2012

This course teaches how to install and configure Windows Server 2012 R2.  It is the first step on your path to becoming a Microsoft Certified Solutions Expert (MCSE).

Justin OwensITIL Problem ManagerCommented:
You are right.  I misread that.  Good catch.
Ady FootSharePoint ConsultantCommented:
No problem - I often jump in on posts with the best of intentions to help the author but then find I've missed something :-)

All the best,

samtingAuthor Commented:
Did not mean to abandon this post but other issue took my attention. Tthank you everyone for your assistance, the solution worked.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2003

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.