Improve company productivity with a Business Account.Sign Up

x
?
Solved

Got security exception error. What permission is needed to write/create windows event log?

Posted on 2015-01-21
2
Medium Priority
?
2,651 Views
Last Modified: 2015-02-24
Hi, I'm using vs2012.
i'm getting the following error when my code try to create new event log and event source.  I then added impersonation code, stepping through it is impersonating successfully.  the impersonated account is added to the local Administrator group of the server but still I would get security error.  What other permission still needed?  Thank you.
Both code below would give security error
            //if ((!EventLog.Exists(sLog)) || (!EventLog.SourceExists(sSource)))
            //    EventLog.CreateEventSource(sSource, sLog);

            if (!EventLog.SourceExists(sSource))
                EventLog.CreateEventSource(sSource, sLog);

ecurity Exception
  Description: The application attempted to perform an operation not allowed by the security policy.  To grant this application the required permission please contact your system administrator or change the application's trust level in the configuration file.

 Exception Details: System.Security.SecurityException: The source was not found, but some or all event logs could not be searched.  Inaccessible logs: Security.

Source Error:


 An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.  

Stack Trace:



[SecurityException: The source was not found, but some or all event logs could not be searched.  Inaccessible logs: Security.]
   System.Diagnostics.EventLog.FindSourceRegistration(String source, String machineName, Boolean readOnly, Boolean wantToCreate) +806
   System.Diagnostics.EventLog.SourceExists(String source, String machineName, Boolean wantToCreate) +315
   System.Diagnostics.EventLog.SourceExists(String source) +22
   XXXXXXXXXXXXXXXXXXXXXXX.ErrLog.LogIt(String msg) +143
   XXXXXXXXXXXXXXXXXXXXXXX._Default.GetUsersToSession() +2444
   System.Web.UI.Control.LoadRecursive() +71
   System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +12347355
   System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +12346873
   System.Web.UI.Page.ProcessRequest() +119
   System.Web.UI.Page.ProcessRequest(HttpContext context) +99
   System.Web.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +913
   System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +165
0
Comment
Question by:lapucca
2 Comments
 
LVL 36

Accepted Solution

by:
it_saige earned 2000 total points
ID: 40563105
This is because NetworkService does not have read and\or write permissions to the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\Security key in the registry.

Other than explicitly defining the permissions, the recommendation is to add a key entry for your application (by Name) to the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\Application key.

Example for an application named MyApplication:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\Application\MyApplication

Open in new window


-saige-
1
 

Author Comment

by:lapucca
ID: 40563306
That's why I use impersonation code from here, http://metah.ch/blog/2010/10/impersonation-with-c-2/?utm_expid=93095202-0.j6F45lYdRJalUdpcxFnTAA.0&utm_referrer=https%3A%2F%2Fwww.google.com%2F 

before I write to the event log.  The user impersonate is added to the local server's Administrator's group.  Wouldn't that be enough?  I know it's not because it's getting security error but that doesn't make sense if I'm impersonating a user account that is part of Administrators group

          ImpersonateManager.ImpersonateUser("domain-name", ConfigurationManager.AppSettings.Get("admin"), ConfigurationManager.AppSettings.Get("password"));
            var curUser = WindowsIdentity.GetCurrent().Name;

                  sSource = "XXXXXXXXX";
                  sLog = "XXXXXXXXX";
                  sEvent = "XXXXXXXXXXXX Exception Error";

            //if ((!EventLog.Exists(sLog)) || (!EventLog.SourceExists(sSource)))
            //    EventLog.CreateEventSource(sSource, sLog);

            if (!EventLog.SourceExists(sSource))
                EventLog.CreateEventSource(sSource, sLog);

                  EventLog.WriteEntry(sSource,msg, EventLogEntryType.Error);

            ImpersonateManager.StopImpersonation();
0

Featured Post

Upgrade your Question Security!

Your question, your audience. Choose who sees your identity—and your question—with question security.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

The article shows the basic steps of integrating an HTML theme template into an ASP.NET MVC project
For anyone that has accidentally used newSID with Server 2008 R2 (like I did) and hasn't been able to get the server running again because you were unlucky (as I was) and had no backups - I was able to get things working by doing a Registry Hive rec…
This tutorial will show how to configure a new Backup Exec 2012 server and move an existing database to that server with the use of the BEUtility. Install Backup Exec 2012 on the new server and apply all of the latest hotfixes and service packs. The…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…

608 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question