Archive
DirWiz News

EventLog Madness!

2017-06-10 12:03:48

OK so I had a great idea: “ Profiler should log to the EventLog ”.

Simple idea, just grab the necessary libs and fire the code in. OK the code works out of the command line, almost there. Whoops ‘Access Denied’ when trying it through the CGI interface.

Apparently Windows 2003 has a more ‘Secure’ event log. So much so, the anonymous user account in IIS (IUSR_hostname) cannot write logs.

Unwaivered I start tearing apart the knowledge base to look for crumbs. Ah! 323076 looks about right. Do a bit of registry mumbo jumbo and I’m set. It will be a hassle for the user but it should work..

Nope.. Hours go by trying every iteration of security groups and reg hacks. No luck.

The only way this all works is if IUSR_hostname is put in the local admin group. I can already see the admins screaming at this one. So, unless I can find a reasonable way for the admin to setup permissions, v5 will not have Event Logging. Help on this one would be much appreciated: support@dirwiz.com.

For those who use syslogs, rejoice!. That capability WILL be in v5 and works without fail (or security issues).