I am testing the environment for our new application and was having problems writing to the event log when the ASP.NET custom account was running as a normal user.
If, for example, your remoting application is hosted under IIS and is configured to use a custom account
e.g.
with the following entries in the web.config
<identity impersonate="true" />
<authentication mode="Windows" />
Note that we are using custom authentication.
With the custom account running as a normal user, you will receive an exception similar to below
A simple solution would be to add the custom account to the local administrators group - a big no no.
The fix recquires two actions
- add the “(A;;0x0002;;;AU)” key to the CustomSD entry under
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\EventLog\Application
Note that after adding this string you will still get the same exception as shown above.
2. Add a key under the application folder, this being the name of your application, with the details shown below.
The equivalent .reg file is shown below
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\MyApplication]
"EventMessageFile"="C:\\WINDOWS\\Microsoft.NET\\Framework\\v1.1.4322\\EventLogMessages.dll"
Your application should now be able to write to the event log.
Note that if you have an entry in the registry pertaining to your application, but do not have the “(A;;0x0002;;;AU)” key, you will get an exception similar to below
