Hey guys,
Very simple question that I've been having trouble answering.
In Windows XP and Server 2003, I have occasionally come across a problem when trying to write to the event log.
"The source was not found, but some or all event logs could not be searched. Inaccessible logs: Security."
The solution to this that has worked in the past on XP and Server 2003 has been to give the correct user or user group Read or Full Control permissions to the registry key for the offending event log group. For example:
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\ or
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\Security
This has always worked. But I've come up against Windows 7, with which I'm still very inexperienced.
I'm vaguely aware that Windows 7 and Vista do interesting things to try and downgrade the prominence of the Registry, virtualization and so forth. That gives me a tiny question mark as to whether or not Windows 7 still handles event log security in the same way.
I've done some searching on the topic, but haven't managed to find an answer to what (I thought) would have been a very simple question.
Any help pointing me in the right direction would be great.