// to display current settings
wevtutil gl application
// if exception during
the eventlogging call; add the permission using the command below (reboot
required):
wevtutil sl Application
/ca:O:BAG:SYD:(A;;0xf0007;;;SY)(A;;0x7;;;BA)(A;;0x7;;;SO)(A;;0x3;;;IU)(A;;0x3;;;SU)(A;;0x3;;;S-1-5-3)(A;;0x3;;;S-1-5-33)(A;;0x1;;;S-1-5-32-573)(A;;0x3;;;AU)
// provide users the read/write permission to the following folder
C:\Windows\System32\config
// grant read access to BTSQLQA or BTSQLUAT
// to test any account with ability to write to eventlog or not;
runas /user:accnt cmd and run the following cmd:
eventcreate /ID 1 /L APPLICATION /T INFORMATION /SO MYEVENTSOURCE /D "My first log"
No comments:
Post a Comment