|
One other thing you may want to look at
is whether the account you are using has Manage auditing and security log (SeSecurityPrivilege)
on the Default DC Policy. From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of John Policelli This is a new feature of Windows Server
2003. MS was smart enough to prevent regular users to view the
Application and System log. With Windows 2000, authenticated users can
read the Application log and System log on a domain controller. Having
said this, users require a specific right to access the Security log on a domain
controller. From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of I
have 2 DCs in a [test] domain - one w2k sp3, the other w2k3 sp0. The
domain is w2k native. I
am logged on to both DCs using an account which is a member of domain admins.
If
I connect to the event viewer on the w2k DC from the w2k3 DC, no problem.
Domain
Admins have the right to "logon locally", "manage auditing and
sec logs" and "access this computer from the network" (all set
via GPO) Which
setting / policy should I check or change to fix this issue? Thanks
in advance, ============================================================================== |
Title: "Access denied" connecting to remote Event Logs
- RE: [ActiveDir] "Access denied" connecting to... John Policelli
- RE: [ActiveDir] "Access denied" connecti... John Policelli
- [ActiveDir] removing a DC from AD Antonio Aranda
- Re: [ActiveDir] removing a DC from AD Santhosh Sivarajan
- RE: [ActiveDir] "Access denied" connecti... Free, Bob
- RE: [ActiveDir] "Access denied" connecti... Ruston, Neil
- RE: [ActiveDir] "Access denied" connecti... Ruston, Neil
- Re: [ActiveDir] "Access denied" connecti... Mark Parris
