?
Solved

Got security exception error. What permission is needed to write/create windows event log?

Posted on 2015-01-21
2
Medium Priority
?
1,308 Views
Last Modified: 2015-02-24
Hi, I'm using vs2012.
i'm getting the following error when my code try to create new event log and event source.  I then added impersonation code, stepping through it is impersonating successfully.  the impersonated account is added to the local Administrator group of the server but still I would get security error.  What other permission still needed?  Thank you.
Both code below would give security error
            //if ((!EventLog.Exists(sLog)) || (!EventLog.SourceExists(sSource)))
            //    EventLog.CreateEventSource(sSource, sLog);

            if (!EventLog.SourceExists(sSource))
                EventLog.CreateEventSource(sSource, sLog);

ecurity Exception
  Description: The application attempted to perform an operation not allowed by the security policy.  To grant this application the required permission please contact your system administrator or change the application's trust level in the configuration file.

 Exception Details: System.Security.SecurityException: The source was not found, but some or all event logs could not be searched.  Inaccessible logs: Security.

Source Error:


 An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.  

Stack Trace:



[SecurityException: The source was not found, but some or all event logs could not be searched.  Inaccessible logs: Security.]
   System.Diagnostics.EventLog.FindSourceRegistration(String source, String machineName, Boolean readOnly, Boolean wantToCreate) +806
   System.Diagnostics.EventLog.SourceExists(String source, String machineName, Boolean wantToCreate) +315
   System.Diagnostics.EventLog.SourceExists(String source) +22
   XXXXXXXXXXXXXXXXXXXXXXX.ErrLog.LogIt(String msg) +143
   XXXXXXXXXXXXXXXXXXXXXXX._Default.GetUsersToSession() +2444
   System.Web.UI.Control.LoadRecursive() +71
   System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +12347355
   System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +12346873
   System.Web.UI.Page.ProcessRequest() +119
   System.Web.UI.Page.ProcessRequest(HttpContext context) +99
   System.Web.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +913
   System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +165
0
Comment
Question by:lapucca
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 34

Accepted Solution

by:
it_saige earned 2000 total points
ID: 40563105
This is because NetworkService does not have read and\or write permissions to the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\Security key in the registry.

Other than explicitly defining the permissions, the recommendation is to add a key entry for your application (by Name) to the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\Application key.

Example for an application named MyApplication:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\Application\MyApplication

Open in new window


-saige-
1
 

Author Comment

by:lapucca
ID: 40563306
That's why I use impersonation code from here, http://metah.ch/blog/2010/10/impersonation-with-c-2/?utm_expid=93095202-0.j6F45lYdRJalUdpcxFnTAA.0&utm_referrer=https%3A%2F%2Fwww.google.com%2F 

before I write to the event log.  The user impersonate is added to the local server's Administrator's group.  Wouldn't that be enough?  I know it's not because it's getting security error but that doesn't make sense if I'm impersonating a user account that is part of Administrators group

          ImpersonateManager.ImpersonateUser("domain-name", ConfigurationManager.AppSettings.Get("admin"), ConfigurationManager.AppSettings.Get("password"));
            var curUser = WindowsIdentity.GetCurrent().Name;

                  sSource = "XXXXXXXXX";
                  sLog = "XXXXXXXXX";
                  sEvent = "XXXXXXXXXXXX Exception Error";

            //if ((!EventLog.Exists(sLog)) || (!EventLog.SourceExists(sSource)))
            //    EventLog.CreateEventSource(sSource, sLog);

            if (!EventLog.SourceExists(sSource))
                EventLog.CreateEventSource(sSource, sLog);

                  EventLog.WriteEntry(sSource,msg, EventLogEntryType.Error);

            ImpersonateManager.StopImpersonation();
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

New Windows 7 Installations take days for Windows-Updates to show up and install. This can easily be fixed. I have finally decided to write an article because this seems to get asked several times a day lately. This Article and the Links apply to…
The recent Microsoft changes on update philosophy for Windows pre-10 and their impact on existing WSUS implementations.
This tutorial will give a an overview on how to deploy remote agents in Backup Exec 2012 to new servers. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as connecting to a remote Back…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
Suggested Courses

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question