Sign in with
Sign up | Sign in
Your question

Users can read Application and System log

Last response: in Windows 2000/NT
Share
Anonymous
a b 8 Security
December 7, 2004 5:42:00 PM

Archived from groups: microsoft.public.win2000.security (More info?)

Hi,
Is there a way to restrict access to the Application and System - Eventlog
in 2000 the same way that the Security logs work.
I dont want the users to be able to list the servers Eventlog.
The Restrict Guest is applied
/Stefan Johansson
Anonymous
a b 8 Security
December 7, 2004 7:51:30 PM

Archived from groups: microsoft.public.win2000.security (More info?)

Hello Stefan,

This article should help you:

You receive an "Access is denied" error message when you try to access an
event log on a Windows Server 2003-based computer or on a Windows
2000-based computer -->
http://support.microsoft.com/default.aspx?scid=KB;EN-US;842209

Thank You.

Diana.

This posting is provided "AS IS" with no warranties, and confers no rights.


diasmith@online.microsoft.com

--------------------
| From: "Stefan Johansson" <newsgroup@enbacken.com>
| Subject: Users can read Application and System log
| Date: Tue, 7 Dec 2004 14:42:00 +0100
| Lines: 8
| X-Priority: 3
| X-MSMail-Priority: Normal
| X-Newsreader: Microsoft Outlook Express 6.00.2800.1106
| X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106
| Message-ID: <#Sw2IKG3EHA.824@TK2MSFTNGP11.phx.gbl>
| Newsgroups: microsoft.public.win2000.security
| NNTP-Posting-Host: 194.103.63.153
| Path:
cpmsftngxa10.phx.gbl!TK2MSFTNGXA03.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFTNGP11
phx.gbl
| Xref: cpmsftngxa10.phx.gbl microsoft.public.win2000.security:34370
| X-Tomcat-NG: microsoft.public.win2000.security
|
| Hi,
| Is there a way to restrict access to the Application and System - Eventlog
| in 2000 the same way that the Security logs work.
| I dont want the users to be able to list the servers Eventlog.
| The Restrict Guest is applied
| /Stefan Johansson
|
|
|


This posting is provided "AS IS" with no warranties, and confers no rights.


diasmith@online.microsoft.com
Anonymous
a b 8 Security
December 8, 2004 1:52:33 AM

Archived from groups: microsoft.public.win2000.security (More info?)

Thanks for reply but I'm not sure how this will help me.
Do you mean that I should add all users to the 'Domain Guest' group and
keep the 'Restrict Guest'.
I' would rather specify which user accounts that should be allowed to list
the eventlog and in my case it should only be the Local Administrators
group.
Is there a way to do that?

/Stefan Johansson



""Diana Smith [MSFT]"" <diasmith@online.microsoft.com> wrote in message
news:3OyrH0H3EHA.1512@cpmsftngxa10.phx.gbl...
> Hello Stefan,
>
> This article should help you:
>
> You receive an "Access is denied" error message when you try to access an
> event log on a Windows Server 2003-based computer or on a Windows
> 2000-based computer -->
> http://support.microsoft.com/default.aspx?scid=KB;EN-US;842209
>
> Thank You.
>
> Diana.
>
> This posting is provided "AS IS" with no warranties, and confers no
rights.
>
>
> diasmith@online.microsoft.com
>
> --------------------
> | From: "Stefan Johansson" <newsgroup@enbacken.com>
> | Subject: Users can read Application and System log
> | Date: Tue, 7 Dec 2004 14:42:00 +0100
> | Lines: 8
> | X-Priority: 3
> | X-MSMail-Priority: Normal
> | X-Newsreader: Microsoft Outlook Express 6.00.2800.1106
> | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106
> | Message-ID: <#Sw2IKG3EHA.824@TK2MSFTNGP11.phx.gbl>
> | Newsgroups: microsoft.public.win2000.security
> | NNTP-Posting-Host: 194.103.63.153
> | Path:
>
cpmsftngxa10.phx.gbl!TK2MSFTNGXA03.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFTNGP11
> phx.gbl
> | Xref: cpmsftngxa10.phx.gbl microsoft.public.win2000.security:34370
> | X-Tomcat-NG: microsoft.public.win2000.security
> |
> | Hi,
> | Is there a way to restrict access to the Application and System -
Eventlog
> | in 2000 the same way that the Security logs work.
> | I dont want the users to be able to list the servers Eventlog.
> | The Restrict Guest is applied
> | /Stefan Johansson
> |
> |
> |
>
>
> This posting is provided "AS IS" with no warranties, and confers no
rights.
>
>
> diasmith@online.microsoft.com
>
Anonymous
a b 8 Security
December 9, 2004 11:02:57 PM

Archived from groups: microsoft.public.win2000.security (More info?)

Stefan,
Remove inheritance from the Application and System registry keys
(HKLM\System\CurrentControlSet\Services\EventLog\ ).
Select "Copy" permissions when prompted.
Remove all groups except for Administrators and System.

"Stefan Johansson" <newsgroup@enbacken.com> wrote in message
news:%23Sw2IKG3EHA.824@TK2MSFTNGP11.phx.gbl...
> Hi,
> Is there a way to restrict access to the Application and System - Eventlog
> in 2000 the same way that the Security logs work.
> I dont want the users to be able to list the servers Eventlog.
> The Restrict Guest is applied
> /Stefan Johansson
>
>
Related resources
!