RE: [ActiveDir] "Access denied" connecting to remote Event Logs

[Ruston, Neil]

Title: Message

Bob,

 

I can indeed access the logs on the w2k3 DC from its own console. The account used is *not* a member of Guests.

 

Where is the explicit deny set and how is this visible/changed?

 

Guests and Domain Guests have default members [this is a test lab].

 

neil

 

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Free, Bob
Sent: 20 May 2005 18:08
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] "Access denied" connecting to remote Event Logs

You don't mention if you can view the logs on the 2003 box from it's own console but absent that info, I'll take a stab at it anyway

 

Check that the account isn't a member of Guests, there is an explicit deny in 2003 for Guests. At the risk of incurring joe's wrath, whoami / groups works nicely as a starting point :-)

This problem could also be caused by an administrator addinng a group containing a broad category of users (such as the Everyone, INTERACTIVE, OR Authenticated users group) to the Guests group.

---

From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ruston, Neil
Sent: Friday, May 20, 2005 7:29 AM
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] "Access denied" connecting to remote Event Logs

I have 2 DCs in a [test] domain  - one w2k sp3, the other w2k3 sp0. The domain is w2k native.

I am logged on to both DCs using an account which is a member of domain admins.

If I connect to the event viewer on the w2k DC from the w2k3 DC, no problem.
If I connect to the event viewer on the w2k3 DC from the w2k DC, I receive 'access denied'.

Domain Admins have the right to "logon locally", "manage auditing and sec logs" and "access this computer from the network" (all set via GPO)

Which setting / policy should I check or change to fix this issue?

Thanks in advance,
neil

==============================================================================
This message is for the sole use of the intended recipient. If you received
this message in error please delete it and notify us. If this message was
misdirected, Credit Suisse, its subsidiaries and affiliates (CS) do not
waive any confidentiality or privilege. CS retains and monitors electronic
communications sent through its network. Instructions transmitted over this
system are not binding on CS until they are confirmed by us. Message
transmission is not guaranteed to be secure.
==============================================================================

==============================================================================
This message is for the sole use of the intended recipient. If you received
this message in error please delete it and notify us. If this message was
misdirected, Credit Suisse, its subsidiaries and affiliates (CS) do not
waive any confidentiality or privilege. CS retains and monitors electronic
communications sent through its network. Instructions transmitted over this
system are not binding on CS until they are confirmed by us. Message
transmission is not guaranteed to be secure.
==============================================================================