tags:

views:

231

answers:

1
+1  Q: 

UAC gives me fits!

The code I am currently working on runs on Windows Server 2003, but needs to be able to write to EventLogs on multiple machines. I am coding in C#, using VS2008 Pro, and .NET Framework 3.5.

The code itself is relatively simple (thanks to the framework):

using (EventLog remoteEvtLog = new EventLog(LogName, HostName, EventSource))
{
    remoteEvtLog.WriteEntry(Body);
}

"LogName" is a string containing the name of the log to write to - in most cases "Application". "HostName" is a string containing the NetBIOS Name of the machine where the log entry should be written. "EventSource" is a string containing the name of the event sender (this is a utility used by multiple apps, so usually it will have the name of the consuming application). "Body" is a string containing the text to be written to the event log.

In most cases this works fine, but when the machine being written to uses UAC, any write which creates a new EventSource fails. This occurs even though the Security credentials used are members of the Administrators group - and I have not been able to find a way to specify the elevated priviledge level. Apparently, members of the Administrators goroup get two tokens - one limited, and one elevated, but as far as I can tell, the only way to specifiy the elevated token is through the UI - which is obviously a problem when remotely accessing the Logs.

Any ideas out there?

A: 

Your code is not supposed to create new event sources (the legacy auto-create behavior is unfortunate, but still wrong). If you need a separate event source for your application, then the installer for that application - which runs with elevated administrative privileges - should create it.

Pavel Minaev  2009-08-28 20:15:17
And how would one go about having the installer (from VS Setup Deploy project?) to do that? (sorry for hi-jacking).
Nate Bross  2009-08-28 20:20:55
I do not think you can do this with a VS Setup project - the thing is extremely limited in what it can do. You can of course hand-edit the resulting MSI in Orcas, but that's extremely inconvenient. In general, if you find that you need more than Setup projects offer - which is almost a certainty for any real-world application - you should switch over to WiX.
Pavel Minaev  2009-08-28 22:22:11
DragonsRightWing  2009-08-29 01:03:26
1) sorry about the hard-to-read formatting on the last reply ...2) What is the purpose of EventLog.CreateEventSource - if not to Create Event Sources? In our situation, we may be logging to a physical host on which the application has not been installed, but is being run as a remote application: we want the Events to be written on the client, not the application server. I am not using the auto-create, but specifically testing for, then (if needed) explicitely creating, the EventSource.
DragonsRightWing  2009-08-29 02:00:05
The point is that auto-creating an event source, from security standpoint, is kinda the same as auto-creating a folder under "Program Files". It's not supposed to be done by non-elevated user.
Pavel Minaev  2009-08-30 03:50:17
Oh, and when using WiX, this SO question says how to create an event source from installer without writing your own custom action: http://stackoverflow.com/questions/58538/how-do-you-create-an-event-log-source-using-wix
Pavel Minaev  2009-08-30 03:50:50
Thanks, Pavel. It looks as if I'm going to have to use a single EventSource, then use some alternate means of further identifying the "Inner Source". Again, the problem is that the application is not actually installed on the machine where the Event entries need to be written. You have gotten me interested in WiX, however - I have not looked into it before now.
DragonsRightWing  2009-08-31 21:34:47

related questions

Displaying Flash content in a C# WinForms application
How to get the value of built, encoded ViewState?
Unhandled Exception Handler in .NET 1.1
How do I connect to a database and loop over a recordset in C#?
How do I most elegantly express left join with aggregate SQL as LINQ query
Get a new object instance from a Type in C#
.NET Testing Framework Advice
Automatically update version number
What is the difference between an int and an Integer in Java/C#?
How to write to Web.Config in Medium Trust ?
WinForms ComboBox data binding gotcha
How do you sort a C# dictionary by value?
Adding Scripting functionality to .NET applications
Floating Point Number parsing: Is there a Catch All algorithm?
How do I print an HTML document from a web service?
Decoding T-SQL CAST in C#/VB.net
Anatomy of a "Memory Leak"
How do I get a distinct, ordered list of names from a DataTable using Linq
Reliable Timer in a Console Application
How do I fill a DataSet or a DataTable from a LINQ query resultset ?
What's the difference between Math.Floor() and Math.Truncate() in .NET?
How do I calculate relative time?
How do I calculate someone's age in C#?
Are there any conversion tools for porting Visual J# code to C#?
When setting a form's opacity should I use a decimal or double?