|
Home > Archive > IIS Server Security > March 2005 > IIS 6 Write to the Event Log
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
IIS 6 Write to the Event Log
|
|
|
| I have an anonymous access web service that is running as
IUSR_machineName. This application is set up in IIS 6 running in an
application pool under the network service account. I understand that
this network service account is low privledged.
My question is: What do I have to do to change the network service
account to allow my application to write to the nt event log? I have
allowed network service full control on the event log registry keys and
sub keys but it still isn't writing. I get an error saying can't open
event log for source (0).
One interesting thing though is that I have custom soap extensions and
they can write to the log fine. However, once it gets into the
webservice methods I cannot write to the log anymore. This is the same
dll, same class and the event log source is already present.
| |
| David Wang [Msft] 2005-03-26, 7:57 am |
| Actually, this is not an IIS issue. The NT Event Log got locked down, so you
will have to give the appropriate user identity access. It depends on the
application framework you use -- by default, IIS applications use the
impersonated remote identity. ASP.Net uses the process identity unless
configured to impersonate. Other applications/frameworks may have different
rules, so you'll have to read documentation or figure it out somehow.
Regarding the NT Event Log Lockdown (and many other security changes on
Windows Server 2003, non-exhaustive):
http://msdn.microsoft.com/library/d...ure06122003.asp
--
//David
IIS
http://blogs.msdn.com/David.Wang
This posting is provided "AS IS" with no warranties, and confers no rights.
//
"JT" <jtaylor1024@gmail.com> wrote in message
news:1111771915.605929.127880@f14g2000cwb.googlegroups.com...
I have an anonymous access web service that is running as
IUSR_machineName. This application is set up in IIS 6 running in an
application pool under the network service account. I understand that
this network service account is low privledged.
My question is: What do I have to do to change the network service
account to allow my application to write to the nt event log? I have
allowed network service full control on the event log registry keys and
sub keys but it still isn't writing. I get an error saying can't open
event log for source (0).
One interesting thing though is that I have custom soap extensions and
they can write to the log fine. However, once it gets into the
webservice methods I cannot write to the log anymore. This is the same
dll, same class and the event log source is already present.
|
|
|
|
|