Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Got security exception error. What permission is needed to write/create windows event log?

Posted on 2015-01-21
2
Medium Priority
?
1,624 Views
Last Modified: 2015-02-24
Hi, I'm using vs2012.
i'm getting the following error when my code try to create new event log and event source.  I then added impersonation code, stepping through it is impersonating successfully.  the impersonated account is added to the local Administrator group of the server but still I would get security error.  What other permission still needed?  Thank you.
Both code below would give security error
            //if ((!EventLog.Exists(sLog)) || (!EventLog.SourceExists(sSource)))
            //    EventLog.CreateEventSource(sSource, sLog);

            if (!EventLog.SourceExists(sSource))
                EventLog.CreateEventSource(sSource, sLog);

ecurity Exception
  Description: The application attempted to perform an operation not allowed by the security policy.  To grant this application the required permission please contact your system administrator or change the application's trust level in the configuration file.

 Exception Details: System.Security.SecurityException: The source was not found, but some or all event logs could not be searched.  Inaccessible logs: Security.

Source Error:


 An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.  

Stack Trace:



[SecurityException: The source was not found, but some or all event logs could not be searched.  Inaccessible logs: Security.]
   System.Diagnostics.EventLog.FindSourceRegistration(String source, String machineName, Boolean readOnly, Boolean wantToCreate) +806
   System.Diagnostics.EventLog.SourceExists(String source, String machineName, Boolean wantToCreate) +315
   System.Diagnostics.EventLog.SourceExists(String source) +22
   XXXXXXXXXXXXXXXXXXXXXXX.ErrLog.LogIt(String msg) +143
   XXXXXXXXXXXXXXXXXXXXXXX._Default.GetUsersToSession() +2444
   System.Web.UI.Control.LoadRecursive() +71
   System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +12347355
   System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +12346873
   System.Web.UI.Page.ProcessRequest() +119
   System.Web.UI.Page.ProcessRequest(HttpContext context) +99
   System.Web.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +913
   System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +165
0
Comment
Question by:lapucca
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 34

Accepted Solution

by:
it_saige earned 2000 total points
ID: 40563105
This is because NetworkService does not have read and\or write permissions to the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\Security key in the registry.

Other than explicitly defining the permissions, the recommendation is to add a key entry for your application (by Name) to the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\Application key.

Example for an application named MyApplication:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\Application\MyApplication

Open in new window


-saige-
1
 

Author Comment

by:lapucca
ID: 40563306
That's why I use impersonation code from here, http://metah.ch/blog/2010/10/impersonation-with-c-2/?utm_expid=93095202-0.j6F45lYdRJalUdpcxFnTAA.0&utm_referrer=https%3A%2F%2Fwww.google.com%2F 

before I write to the event log.  The user impersonate is added to the local server's Administrator's group.  Wouldn't that be enough?  I know it's not because it's getting security error but that doesn't make sense if I'm impersonating a user account that is part of Administrators group

          ImpersonateManager.ImpersonateUser("domain-name", ConfigurationManager.AppSettings.Get("admin"), ConfigurationManager.AppSettings.Get("password"));
            var curUser = WindowsIdentity.GetCurrent().Name;

                  sSource = "XXXXXXXXX";
                  sLog = "XXXXXXXXX";
                  sEvent = "XXXXXXXXXXXX Exception Error";

            //if ((!EventLog.Exists(sLog)) || (!EventLog.SourceExists(sSource)))
            //    EventLog.CreateEventSource(sSource, sLog);

            if (!EventLog.SourceExists(sSource))
                EventLog.CreateEventSource(sSource, sLog);

                  EventLog.WriteEntry(sSource,msg, EventLogEntryType.Error);

            ImpersonateManager.StopImpersonation();
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

OfficeMate Freezes on login or does not load after login credentials are input.
The recent Microsoft changes on update philosophy for Windows pre-10 and their impact on existing WSUS implementations.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will show how to configure a new Backup Exec 2012 server and move an existing database to that server with the use of the BEUtility. Install Backup Exec 2012 on the new server and apply all of the latest hotfixes and service packs. The…

618 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question