Hey All,
I have some ASP 3 pages that instantiate a COM component. That
component writes messages to the one of the Windows event logs.
Things work as I expect them to on XP Pro but not on 2003 Server. I
figured it was a security thing, so I surfed around and found that
permissions were tightened in the server's first service pack. The fix
I found[1] said to append an ACE[2] to the event log's CustomSD
registry value found at
HKLM\SYSTEM\CurrentControlSet\Services\EventLog\{L OG_NAME}\CustomSD
I tried three different ones with a reboot after appending each one:
1. (A;;0x3;;;AU)
2. (A;;0x3;;;NS)
3. (A;;0x0002;;;S-1-5-21-237510213-3056582554-1478882900-1003)
The last uses the full SID of the IUSR account on the Windows 2003 I'm
working on. I obtained that ID using this vbscript:
Dim WshNetwork
Dim strComputer, Account
Dim objWMIService, colItems, objItem
Set WshNetwork = WScript.CreateObject("WScript.Network")
strComputer = "."
Account = "IUSR_" & WshNetwork.ComputerName
Set objWMIService = GetObject("winmgmts:\\.\root\cimv2")
Set colItems = objWMIService.ExecQuery("Select * from Win32_Account
where Name = '" & Account & "'" )
For Each objItem in colItems
Wscript.Echo objItem.SID
Next
If anyone has any advice that can help me figure out how to solve this
problem, I would really appreciate it.
TIA!
--
Regards,
Travis Spencer
[1] http://tinyurl.com/obd49, http://tinyurl.com/f0o8, and
http://tinyurl.com/m4eun.
[2] http://tinyurl.com/r3j48