Delegating Access to the Event Logs

Windows 2003 allow the customization of the permissions on each Event log on a computer. This was not possible in previous versions of Windows and is very useful if your web application need to access it.
More information are available on the following article: 323076 - How to set event log security locally or by using Group Policy in Windows Server 2003

The access control list (ACL) is stored as a Security Descriptor Definition Language (SDDL) string, in a REG_SZ value called "CustomSD" for each event log in the registry.
For more information on SDDL, see "Security Descriptor Definition Language," available on MSDN Online at: http://msdn.microsoft.com/library/default.asp?url=/library/en-us/security/Security/security_descriptor_definition_language.asp.

I also really suggest this other article about Development Impacts of Security Changes in Windows Server 2003.



Tags:

About author

Vittorio Pavesi