C# Application not allowed to write to event log on Windows Server 2003

[FrodoBaggins]

Dear Team,

I am running Visual Studio 2003 Version 7.1.3088 on Windows Server 2003.

I have written a C# application that must write to the event log. When it attempts to write to the event log, however, I get the following message on the browser shown below in bold text:

Security Exception
Description: The application attempted to perform an operation not allowed by the security policy. To grant this application the required permission please contact your system administrator or change the application's trust level in the configuration file.

Exception Details: System.Security.SecurityException: Requested registry access is not allowed.

Source Error:

Line 107:
Line 108: public void Application_OnStart() {
Line 109: EventLog.WriteEntry("CSharpASP", "CSharpASP application Starting");
Line 110: DirectoryInfo di = null;
Line 111: try

I have searched the help on Visual Studio.NET and the MSDN Library. The only thing close to explaining how to set the security on the application event log is the following:

Prevent local guests group from accessing application log

Description
This security setting determines if guests are prevented from accessing the application event log.

Notes

This setting does not appear in the Local Computer Policy object.
This security setting affects only computers running Windows 2000 and Windows XP.
Default: Enabled.

Configuring this security setting
You can configure this security setting by opening the appropriate policy and expanding the console tree as such: Computer Configuration\Windows Settings\Security Settings\Event Log\

For specific instructions about how to configure security policy settings, see To edit a security setting on a Group Policy object.

For more information, see:

Event Viewer
Security Configuration Manager Tools

However, this appears to relate to an earlier version of Windows Server, as I cannot find the 'console tree' mentioned.

So, my question is: Can you please direct me to where I can alter the security properties of the Application Event Log in Windows Server 2003? Please note, I have opened the Event Viewer and that does not allow security levels to be altered.

Thanks,

Tom.

 

[Tian Min Huang]

Hi Tom,

Thanks for your post. As I understand, the problem you are facing is that
it failed to write to event log within an ASP .NET Web application. Please
correct me if there is any misunderstanding. Now I'd like to share the
following information with you:

By default, the NetworkService account, which is the user token of the
ASP.NET worker process in Windows 2003, does not have the correct user
rights to create an event source. That's the reason why you receive that
error message. To resolve this problem, you should create a registry key
CSharpASP under
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application,
say:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\CS
harpASP

Please refer to the following KB article for detailed information:

PRB: "Requested Registry Access Is Not Allowed" Error Message When ASP.NET
Application Tries to Write New EventSource in the EventLog
http://support.microsoft.com/?id=329291

Hope this helps.

Have a nice day!

Regards,

HuangTM
Microsoft Online Partner Support
MCSE/MCSD

Get Secure! -- www.microsoft.com/security
This posting is provided "as is" with no warranties and confers no rights.

 

[FrodoBaggins]

Tian,

This did the trick!

Thanks,

Tom.