Re: Error Writing to Event Log

Hi Jerry,

Can you first confirm if you are using VS2005 or VS.net2003 in the project?

Below is the source code of System.Diagnostics.EventLog.OpenForWrite()
method:

private void OpenForWrite()
{
if (this.disposed)
{
throw new ObjectDisposedException(base.GetType().Name);
}
if ((this.sourceName == null) || this.sourceName.Equals(string.Empty))
{
throw new ArgumentException(SR.GetString("NeedSourceToOpen"));
}
SharedUtils.CheckEnvironment();
this.writeHandle =
UnsafeNativeMethods.RegisterEventSource(this.machineName, this.sourceName);
if (this.writeHandle == IntPtr.Zero)
{
Win32Exception exception1 = null;
if (Marshal.GetLastWin32Error() != 0)
{
exception1 = EventLog.CreateSafeWin32Exception();
}
throw new
InvalidOperationException(SR.GetString("CantOpenLogAccess"), exception1);
}
}

With the code, we can determine that your code fails in RegisterEventSource
win32 API calling.

In the document below, you will see that the RegisterEventSource needs
ELF_LOGFILE_WRITE permission:
"Event Logging Security"
http://windowssdk.msdn.microsoft.com/en-us/library/ms684080.aspx

Since your code runs well on my test environment, I suspect if the account
your exeuction thread runs under has some different feature. Can you tell
me what authentication mode you are using in you Asp.net project? Basic
authentication or Windows authentication? Do you use any impersonation in
your project?

In your LoginV6.Page_Load method, I recommend you print out the following
information on the page for troubleshooting purpose:

Imports System.Diagnostics
Imports System.Security.Principal
Public Class WebForm1
Inherits System.Web.UI.Page

Private Sub Page_Load(ByVal sender As System.Object, ByVal e As
System.EventArgs) Handles MyBase.Load
Dim id As IIdentity = WindowsIdentity.GetCurrent()
Me.Response.Write(id.Name + "<br>")
Me.Response.Write(id.IsAuthenticated.ToString() + "<br>")
Me.Response.Write(id.AuthenticationType + "<br>")
.....
End Sub
End Class

Please provide the output information to me. Thanks.

Once you determined the running account of the current thread, you may
modify the DACL setting of eventlog in registry with SDDL format.

On W2K3, the security of Application Event Log is controlled by CustomSD
registry value in key below:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application

CustomSD REG_SZ registry value is described by default in SDDL format as
below:
O:BAG:SYD:(D;;0xf0007;;;AN)(D;;0xf0007;;;BG)(A;;0xf0007;;;SY)(A;;0x7;;;BA)(A
;;0x7;;;SO)(A;;0x3;;;IU)(A;;0x3;;;SU)(A;;0x3;;;S-1-5-3)

In order for any authenticated user to be able to write to Application
Event Log, you will append:
(A;;0x3;;;AU)

where AU is referring "Authenticated Users".

Hope this helps.

Best regards,
Jeffrey Tan
Microsoft Online Community Support
==================================================
Get notification to my posts through email? Please refer to
http://msdn.microsoft.com/subscriptions/managednewsgroups/default.aspx#notif
ications.

Note: The MSDN Managed Newsgroup support offering is for non-urgent issues
where an initial response from the community or a Microsoft Support
Engineer within 1 business day is acceptable. Please note that each follow
up response may take approximately 2 business days as the support
professional working with you may need further investigation to reach the
most efficient resolution. The offering is not appropriate for situations
that require urgent, real-time or phone-based interactions or complex
project analysis and dump analysis issues. Issues of this nature are best
handled working with a dedicated Microsoft Support Engineer by contacting
Microsoft Customer Support Services (CSS) at
http://msdn.microsoft.com/subscriptions/support/default.aspx.
==================================================
This posting is provided "AS IS" with no warranties, and confers no rights.

.

Relevant Pages

  • RE: Invisible ActiveX control created using ATL
    ... I have confirmed that it is the registry entry that is the problem ... and if so what is the best way of keeping the correct entries in my .rgs file ... Microsoft Online Community Support ... where an initial response from the community or a Microsoft Support ...
    (microsoft.public.dotnet.framework.interop)
  • RE: Send Ports
    ... there was a registered custom AIC dll which also is added to registry using 2 ... We say though a direct upgrade from BizTalk 2002 to BizTalk 2004 is ... Microsoft Online Community Support ... where an initial response from the community or a Microsoft Support ...
    (microsoft.public.biztalk.general)
  • Re: Calling SQL Native Web Service failed as unauthorized
    ... I understand that when you try to Add web reference to a sql http web ... right for kerberbose authentication. ... Microsoft Online Community Support ... where an initial response from the community or a Microsoft Support ...
    (microsoft.public.sqlserver.xml)
  • RE: Securing a single aspx page
    ... forms authentication by default will allow everyone access ... authorization setting: ... Microsoft MSDN Online Support Lead ... where an initial response from the community or a Microsoft Support ...
    (microsoft.public.dotnet.framework.aspnet)
  • Re: Securing a single aspx page
    ... forms authentication by default will allow everyone access ... authorization setting: ... Microsoft MSDN Online Support Lead ... where an initial response from the community or a Microsoft Support ...
    (microsoft.public.dotnet.framework.aspnet)