Re: Windows Service - Event Log



Who's talking about writing to the eventlog? Tim and I are talking about
writing to the registry ( HKLM ).

You (Tim and you, as you prefer to put it, although I could almost swear
that I am too) are talking about creating an Event Log, and writing to it.
Yes, this is done via the System registry, but the registry does not have a
single set of permissions for all registry keys. It has highly granular
permissions. If writing a .Net application, you are not likely to be writing
directly to the registry in order to do this, but more likely to be using
the EventLog classes.

To create an Event Log, the user account must be a member of the
Administrators group on the local machine, or the local System account. The
permissions can be changed as well, but that is not likely to be helpful
(as, when the application moves to a different machine, the permissions must
be changed on any machine it is moved to). So, what I said still stands: If
you want your service to create an Event Log, it must run as a user account
that is either the Local System or a member of the Administrators group. If
you have a look at your Service Manager, you will see that many Services run
under these types of accounts, and for a variety of reasons.

--
HTH,

Kevin Spencer
Microsoft MVP
Professional Chicken Salad Alchemist

Big thicks are made up of lots of little thins.


"Tim Van Wassenhove" <timvw@xxxxxxxxxxxxxxxxxxxxx> wrote in message
news:edcuy0vmGHA.4164@xxxxxxxxxxxxxxxxxxxxxxx
On 2006-06-28, Willy Denoyette [MVP] <willy.denoyette@xxxxxxxxxx> wrote:
Who's talking about writing to the eventlog? Tim and I are talking about
writing to the registry ( HKLM ).


Willy.


"Kevin Spencer" <uce@xxxxxxx> wrote in message
news:O5BFphqmGHA.2452@xxxxxxxxxxxxxxxxxxxxxxx
| > Only Administrators (and localsystem) are allowed to write to HKLM and
| > descendants, Service accounts are not supposed to write to HKLM.
|
| Services write to Event Logs all the time, and run under a variety of user
| accounts. In fact, the majority of the Events in the Event Log are written
| by Services. If you look in the Application and System Event Logs, for
| example, you will see that almost all Events are written by Services.
|
| That said, by default, members of the Administrators group and the Local
| System account are the only accounts allowed to write to the Event Log on a
| Windows 2003 server. On the other hand, a Service can certainly run under
| the Local System Account, and an account other than the Administrators group
| or the Local System account may be granted permission to create and write to
| Event Logs as well.
|
| --
| HTH,
|
| Kevin Spencer
| Microsoft MVP
| Professional Chicken Salad Alchemist
|
| Big thicks are made up of lots of little thins.
|
|
| "Willy Denoyette [MVP]" <willy.denoyette@xxxxxxxxxx> wrote in message
| news:OxCE$AqmGHA.4536@xxxxxxxxxxxxxxxxxxxxxxx
| > Yes, but why do you want your service to write to this key?
| > Only Administrators (and localsystem) are allowed to write to HKLM and
| > descendants, Service accounts are not supposed to write to HKLM. If you
| > really need your service to write to HKLM, you need to run as
| > "localsystem".
| > Again if you grant a non privileged account write access to HKLM, you
| > severely compromise your system's security.
| >
| > Willy.
| >
| > "Tim Van Wassenhove" <timvw@xxxxxxxxxxxxxxxxxxxxx> wrote in message
| > news:uuAwDNpmGHA.4992@xxxxxxxxxxxxxxxxxxxxxxx
| > | On 2006-06-28, Willy Denoyette [MVP] <willy.denoyette@xxxxxxxxxx> wrote:
| > | >
| > | > "Tim Van Wassenhove" <timvw@xxxxxxxxxxxxxxxxxxxxx> wrote in message
| > | > news:e8Jsf8lmGHA.2280@xxxxxxxxxxxxxxxxxxxxxxx
| > | >| On 2006-06-27, pisquem@xxxxxxxxxxx <pisquem@xxxxxxxxxxx> wrote:
| > | >| > I am building a Windows service that is to be deployed on a Windows
| > | >| > Server 2003 and I want to have activity written to the event log, I
| > | >| > want its own log called ('CustomLog')
| > | >| >
| > | >| > Below is what I have so far... it builds fine but when I go to start
| > | >| > the service I get the following error.
| > | >|
| > | >| When I tried that (on a default Windows 2003 installation) I experienced
| > | >| a problem with access rights. If I remember well, I had to give the
| > | >| 'network' user access rights to the registry keys..
| > | >|
| > | >
| > | > What registry keys?
| > |
| > | HKLM/System/CurrentControlSet/Services/Eventlog (or one of its
| > | children).
| > |
| > |
| > | --
| > | Met vriendelijke groeten,
| > | Tim Van Wassenhove <http://timvw.madoka.be>
| >
| >
|
|




--
Met vriendelijke groeten,
Tim Van Wassenhove <http://timvw.madoka.be>
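
The following C# sketch is an added example, not code from any poster in this thread. It uses the .NET EventLog classes mentioned in the reply above to create the log only when the process runs as Local System or a local administrator, and otherwise fails with a clear message instead of touching registry permissions. The log name 'CustomLog' comes from the original question; the source name "MyService" and the class and method names are hypothetical.

```csharp
using System;
using System.Diagnostics;
using System.Security;
using System.Security.Principal;

static class CustomLogSetup
{
    const string LogName = "CustomLog";  // log name from the original question
    const string Source = "MyService";   // hypothetical event source name

    // True when the current account is Local System or a member of the
    // local Administrators group, the two cases named in the reply above.
    static bool CanCreateLog()
    {
        using (WindowsIdentity id = WindowsIdentity.GetCurrent())
        {
            return id.IsSystem ||
                   new WindowsPrincipal(id).IsInRole(WindowsBuiltInRole.Administrator);
        }
    }

    // Returns true when the source is registered, creating it if permitted.
    static bool EnsureSource()
    {
        try
        {
            if (EventLog.SourceExists(Source)) return true;
        }
        catch (SecurityException)
        {
            // SourceExists searches every log under the Eventlog registry key.
            // An account that cannot read the Security log's key gets this
            // exception when the source was not found in the logs it can read.
        }
        if (!CanCreateLog()) return false;            // do not loosen key ACLs
        EventLog.CreateEventSource(Source, LogName);  // writes under HKLM
        return true;
    }

    static int Main()
    {
        if (!EnsureSource())
        {
            Console.Error.WriteLine("Source '" + Source + "' is not registered and " +
                "this account may not create it; run once as an administrator.");
            return 1;
        }
        EventLog.WriteEntry(Source, "Service started.", EventLogEntryType.Information);
        return 0;
    }
}
```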

