I'm writing to the windows event log using C#. I can set every field visible in the mmc.exe "Computer Management" tool, except for the User field.
The client application is ASP.NET and uses forms authentication.
public static void WriteOnce()
{
EventLog log = new EventLog("MyApp");
if (!EventLog.SourceExists("MySource"))
{
EventSourceCreationData data = new EventSourceCreationData("MySource", "MyApp");
EventLog.CreateEventSource(data);
}
log.Source = "MySource";
log.WriteEntry("Hello World", EventLogEntryType.Information,123,456,new byte[]{1,2,3});
}
UPDATE: I checked, in ASP.NET even if set identity impersonation=true & authentication=windows and still no user.
I also checked, in a console app, no user.