I am writing an application which uses some .NET remote components that are hosted in IIS on a Windows 2003 Server.
When the remote component throws an exception, the exception information should be written to the EventLog on the Windows 2003 Server; however, Win2k3 seems to be a bit restrictive when a component that is hosted in IIS wants to write to the eventlog.
Although the component does not run under the IIS_WPG or ASPNET account (I am using Windows Impersonation), I always received the following exception when the .NET remote component wanted to write something to the eventlog:
You can get rid of this behaviour and make sure that the error is indeed written to the EventLog by following the steps below:
- Open the registry on the Win2k3 server using regedit
- Locate the
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\EventLog\Application key
- Find the CustomSD key and append the following string to the existing value:
(A;;0x0002;;;AU)
Now, the (impersonated) remote component should have rights to write to the EventLog.
Now, what is the meaning of the string you've just added to the CustomSD key ?
- A stands for
SDDL_ACCESS_ALLOWED
. (See ACE strings). - 0x0002 stands for
ELF_LOGFILE_WRITE
. (See also Event Logging Security - AU stands for Authenticated Users. (See also SID strings
4 opmerkingen:
Hi Frederik, you have a small typo in your sugested solution for this problem. You have written '...append the following string to the existing value: (A;;0x0002;;AU)'.
However, the actual value is missing a semi-colon and it should be (A;;0x0002;;;AU), otherwise the System Event Log raises the following error;
Event Type: Error
Event Source: EventLog
Event Category: None
Event ID: 6015
Date: 26/02/2008
Time: 10:06:56 AM
User: N/A
Computer: servername
Description:
The custom security descriptor for the event log Application is invalid. Please ask an administrator to correct the CustomSD value in registry for this event log.
I've corrected it.
Thanks for pointing it out.
Hi, does this issue apply to Vista (home premium) systems as well as to Win 2003 server?
I recently installed VS 2008 express on my personal Vista home premium machine and my son's XP SP2 machine. When attempting to create a SQL express datasource through C# for instance, on the XP it creates fine. On the Vista, I get the error.
I've never experienced this problem on Vista. (I never tested it as well).
Do you run VS.NET as administrator on Vista ?
Maybe you can try this registry hack on your Vista machine, and see what happens ?
Een reactie posten