Event Viewer service access denied

(@guven.yildiz)
Posts: 77
Estimable Member
Topic starter
 

I can't start the Event Viewer service on a 2008 server. The permissions look correct. I'm logged on as administrator and it has full control.

Does anyone have any ideas?

 
Posted: 26/12/2009 04:40

(@guven.yildiz)
Posts: 77
Estimable Member
Topic starter
 

I solved my problem by following the steps below.

Default permissions on C:\Windows\system32\winevt\logs Folder should be

Authenticated user - List folder/read data, Read attributes, Read Extended attributes, Read permissions

Administrators - Full control

SYSTEM - Full control

EventLog - Full control

To restore default permissions on folder "C:\Windows\system32\winevt\logs", follow these steps.

1. Right click on C:\Windows\system32\winevt\logs and select properties.

2. Select the security tab.

3. Click Edit button and click Add button in permissions dialog box.

4. In Select users, computers, or Groups dialog box ensure that under object types Built in Security Principals and the location as local computer name is selected.

5. Enter the object name as "NT SERVICE\EventLog" without quotes. And click OK. This group should have full control on the folder.

6. Once EventLog group is added add the rest of the groups with above mentioned permissions.

Alternatively you can also achieve this by following below steps

Identify a Windows server 2008 machine with default permissions

1. Click Start, and then type cmd in the Start Search box.

2. In the search results list, right-click Command Prompt, and then click Run as Administrator.

3. When you are prompted by User Account Control, click Continue.

4. Type the command CD C:\WINDOWS\SYSTEM32

5. Once the working directory is changed to C:\WINDOWS\SYSTEM32 type the command icacls winevt\* /save acl /T

6. This will save acl file under C:\WINDOWS\SYSTEM32. Copy this file to the problematic machine's C Drive.

7. On problematic machine open command prompt with administrator privileges (Refer previous steps 1 to 3)

8. Change the working directory to C:\WINDOWS\SYSTEM32.

9. Execute the command icacls winevt\ /restore acl

Default permissions on the registry key HKLM\Software\Microsoft\Windows\CurrentVersion\Reliability should be

CREATOR OWNER - Full control

SYSTEM - Full control

LOCAL SERVICE - Query Value, Set Value, Create Subkey, Notify and Delete

Administrators - Full control

Users - Read

To set the permission on this registry key

1. Go to start menu, select run and type regedit

2. Go to the location HKLM\Software\Microsoft\Windows\CurrentVersion\Reliability

3. From the edit menu click permissions

4. Add the permissions for accounts as given above.

 
Posted: 26/12/2009 18:34
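
A read-only way to compare the folder ACL with the defaults listed in the post above, as an added example that is not part of the original thread. It assumes English account names and an elevated PowerShell session; the variable names are illustrative.

```powershell
# Added example: audit the event log folder ACL against the defaults in the post.
# Read-only: it reports differences and changes nothing.
# Assumption: English account names; adjust them on a localized system.
param([string]$Path = "$env:SystemRoot\System32\winevt\Logs")

$FSR  = [System.Security.AccessControl.FileSystemRights]
# Synchronize is added implicitly by Windows, so it is ignored when comparing.
$mask = -bnot [int]$FSR::Synchronize

# Expected allow entries from the post. "Read" is exactly List folder/read data,
# Read attributes, Read extended attributes and Read permissions combined.
$expected = @{
    'NT AUTHORITY\Authenticated Users' = $FSR::Read
    'BUILTIN\Administrators'           = $FSR::FullControl
    'NT AUTHORITY\SYSTEM'              = $FSR::FullControl
    'NT SERVICE\EventLog'              = $FSR::FullControl
}

# Merge the allow entries that apply to the folder itself, per identity.
$actual = @{}
foreach ($ace in (Get-Acl -LiteralPath $Path).Access) {
    if ($ace.PropagationFlags -band
        [System.Security.AccessControl.PropagationFlags]::InheritOnly) { continue }
    $id = $ace.IdentityReference.Value
    if ($ace.AccessControlType -ne 'Allow') {
        Write-Warning "Deny entry for ${id}: $($ace.FileSystemRights)"
        continue
    }
    $actual[$id] = ([int]$actual[$id]) -bor ([int]$ace.FileSystemRights -band $mask)
}

$ok = $true
foreach ($id in $expected.Keys) {
    $want = [int]$expected[$id] -band $mask
    if (-not $actual.ContainsKey($id)) {
        Write-Warning "Missing entry: $id"
        $ok = $false
    } elseif ($actual[$id] -ne $want) {
        Write-Warning ("Rights differ for {0}: found {1}, expected {2}" -f
            $id, ($actual[$id] -as $FSR), ($want -as $FSR))
        $ok = $false
    }
}
# Entries outside the post's list are reported for review, not treated as errors.
foreach ($id in $actual.Keys) {
    if (-not $expected.ContainsKey($id)) { Write-Output "Not in the post's list: $id" }
}
Write-Output ("Matches the defaults from the post: {0}" -f $ok)
```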

(@ugurdemir)
Posts: 9886
Illustrious Member
 

Glad it's sorted. Thanks for the feedback.

 
Posted: 28/12/2009 01:34