Cannot open log Application on machine

02-10-2006

Hi all,

We want to be able to log to the event log when an error occurs in our web
parts. Currently we cannot do that under SharePoint because it throws an
exception.

Below is the code where is fails:

EventLog log = new EventLog("Application", ".", "MyThing");
log.EnableRaisingEvents = true;

On the second line it throws the following exception:

- $exception {"Cannot open log Application on machine .. Windows has not
provided an error code."} System.Exception
{System.InvalidOperationException}

The exception contains an inner exception stating "Access denied."

Running the same code under an ASP.NET 2.0 application with an anonimus user
access it works fine.

Here are some facts:
- We are using windows authendication in the WSS server
- The users accessing the sharepoint site have domain accounts
- If I access the SharePoint site with a user that is NOT administrator then
it fails.
- For Admins it works fine.
- The Event log source gets installed by our installer to avoid other
sequrity problems.

How can I avoid the exception without having to make all users admins?
Please help!!!

Thanks in advance,
Greg.

02-10-2006

Hi,

1. EnableRaisingEvents - this is used if you are writing a event log listener
- you usually provide a callback in your application that gets called when
a new event entry is written - this is NOT needed to write to the event log

2. The ASP.NET worker process does not have the privileges to create a brand
new event source - that's where the access denied is coming from

You have to pre-create the event source and log in, e.g. a console application
that is run with admin privileges. Afterwards you can write to the EventLog
with a least privilege account.

---------------------------------------
Dominick Baier - DevelopMentor
http://www.leastprivilege.com

> Hi all,
>
> We want to be able to log to the event log when an error occurs in our
> web parts. Currently we cannot do that under SharePoint because it
> throws an exception.
>
> Below is the code where is fails:
>
> EventLog log = new EventLog("Application", ".", "MyThing");
> log.EnableRaisingEvents = true;
> On the second line it throws the following exception:
>
> - $exception {"Cannot open log Application on machine .. Windows has
> not provided an error code."} System.Exception
> {System.InvalidOperationException}
>
> The exception contains an inner exception stating "Access denied."
>
> Running the same code under an ASP.NET 2.0 application with an
> anonimus user access it works fine.
>
> Here are some facts:
> - We are using windows authendication in the WSS server
> - The users accessing the sharepoint site have domain accounts
> - If I access the SharePoint site with a user that is NOT
> administrator then
> it fails.
> - For Admins it works fine.
> - The Event log source gets installed by our installer to avoid other
> sequrity problems.
> How can I avoid the exception without having to make all users admins?
> Please help!!!
>
> Thanks in advance,
> Greg.

02-10-2006

Hi Dominic,

> 2. The ASP.NET worker process does not have the privileges to create a
> brand new event source - that's where the access denied is coming from

We do not create a brand new event source. As I said previouslly the event
source gets installed by
our instalation program.

> 1. EnableRaisingEvents - this is used if you are writing a event log
> listener - you usually provide a callback in your application that gets
> called when a new event entry is written - this is NOT needed to write to
> the event log

I removed the offending line to do with the EnableRaisingEvents. It now
fails when it actually tries to
write - log.WriteEntry(.....) - with an exception stating:

Cannot open log for source 'My event Source'. You may not have write access.

Any thought please?

Thanks for your quick reply.
Greg.

02-10-2006

ah - i remember vaguely that there is a bug in 1.1

whats the name of your event source? if the 1st is higher than "s" - or something
comparably obscure...

also check the ACL on HKLM\System\CurrentControlSet\Services\Eventlog\Ev entLogName

does the asp.net process account have sufficient rights?

what OS?

---------------------------------------
Dominick Baier - DevelopMentor
http://www.leastprivilege.com

> Hi Dominic,
>
>> 2. The ASP.NET worker process does not have the privileges to create
>> a brand new event source - that's where the access denied is coming
>> from
>>
> We do not create a brand new event source. As I said previouslly the
> event
> source gets installed by
> our instalation program.
>> 1. EnableRaisingEvents - this is used if you are writing a event log
>> listener - you usually provide a callback in your application that
>> gets called when a new event entry is written - this is NOT needed to
>> write to the event log
>>
> I removed the offending line to do with the EnableRaisingEvents. It
> now
> fails when it actually tries to
> write - log.WriteEntry(.....) - with an exception stating:
> Cannot open log for source 'My event Source'. You may not have write
> access.
>
> Any thought please?
>
> Thanks for your quick reply.
> Greg.

02-10-2006

> whats the name of your event source? if the 1st is higher than "s" - or
> something
> comparably obscure...

The source name is "Metastorm WSS Integration"

> also check the ACL on
> HKLM\System\CurrentControlSet\Services\Eventlog\Ev entLogName
> does the asp.net process account have sufficient rights?

It has, otherwise the ASP.NET application running the same code would't be
able to log at all.
When I run the same code under SharePoint is where it fails.

> what OS?

Windows 2003 SP1

Thanks,
Greg.

02-10-2006

what happens if you do a

new EventLogPermission(PermissionState.Unrestricted).D emand()

?
---------------------------------------
Dominick Baier - DevelopMentor
http://www.leastprivilege.com

>> whats the name of your event source? if the 1st is higher than "s" -
>> or
>> something
>> comparably obscure...
> The source name is "Metastorm WSS Integration"
>
>> also check the ACL on
>> HKLM\System\CurrentControlSet\Services\Eventlog\Ev entLogName does the
>> asp.net process account have sufficient rights?
>>
> It has, otherwise the ASP.NET application running the same code
> would't be
> able to log at all.
> When I run the same code under SharePoint is where it fails.
>> what OS?
>>
> Windows 2003 SP1
>
> Thanks,
> Greg.

02-13-2006

Hi Dominic,

I added the code as you asked me just before I do a write like this

new EventLogPermission(PermissionState.Unrestricted).D emand();
log.WriteEntry(message, type, (int)eventId, (short)category);

The Demand method executes sucessfull as it proceeds to the next line
(log.WriteEntry......) ok.
When it tries to do log.WriteEntry it then fails with a
System.InvalidOperationException exception:

"Cannot open log for source 'Metastorm WSS Integration'. You may not have
write access."

The exception contains an Inner Exception of "Access is denied".

The top 4 entries of the trace stack are:
System.Diagnostics.EventLog.OpenForWrite(...)
System.Diagnostics.EventLog.InternalWriteEvent(... )
System.Diagnostics.EventLog.WriteEntry(...)
System.Diagnostics.EventLog.WriteEntry(...)

Many thanks,
Greg.

02-13-2006

Hi,

OK - i wanted to make sure that the problem is not CAS related - it must
be some OS ACL

does this help?
http://www.leastprivilege.com/EventL...ndows2003.aspx

---------------------------------------
Dominick Baier - DevelopMentor
http://www.leastprivilege.com

> Hi Dominic,
>
> I added the code as you asked me just before I do a write like this
>
> new EventLogPermission(PermissionState.Unrestricted).D emand();
> log.WriteEntry(message, type, (int)eventId, (short)category);
> The Demand method executes sucessfull as it proceeds to the next line
> (log.WriteEntry......) ok.
> When it tries to do log.WriteEntry it then fails with a
> System.InvalidOperationException exception:
> "Cannot open log for source 'Metastorm WSS Integration'. You may not
> have write access."
>
> The exception contains an Inner Exception of "Access is denied".
>
> The top 4 entries of the trace stack are:
> System.Diagnostics.EventLog.OpenForWrite(...)
> System.Diagnostics.EventLog.InternalWriteEvent(... )
> System.Diagnostics.EventLog.WriteEntry(...)
> System.Diagnostics.EventLog.WriteEntry(...)
> Many thanks,
> Greg

02-13-2006

Hi Dominick,

I had a look at the article yopu suggested.
I do not think though that the security on the EventLog is relevant as the
same user can write to event log from an ASP.NET application using the same
code but cannot when the code is hosted in SharePoint. Both SharePoint and
the ASP.NET app use windows authendication.

This is very weird.....

Many Thanks,
Greg.

02-15-2006

I also tried the following...

The trust lever is set to Full. I also GACed the assembly that does the
event logging but I still get same problem.

Please help....
Greg.

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
FAQ 9.6 How do I download a file from the user's machine? How do I open a file on another machine?	PerlFAQ Server	Perl Misc	0	04-09-2011 04:00 PM
Vist Machine cannot see XP machine on Network	sr19	Wireless Networking	1	01-19-2010 03:19 AM
Re: how to open a file in some application using Tkinter i am usingTKINTER to create GUI application i want to know how to open a worddocument in open office or any other applicatio	Fredrik Lundh	Python	1	01-09-2008 10:40 AM
My.Log.Writeexception not writing to Application Event Log.	=?Utf-8?B?VG9tIFdpbmdlcnQ=?=	ASP .Net	0	01-20-2006 06:41 PM