Neil Have you seen 323076 ?
Mark -----Original Message----- From: "Ruston, Neil" <[EMAIL PROTECTED]> Date: Mon, 23 May 2005 09:13:01 To:"'[email protected]'" <[email protected]> Subject: RE: [ActiveDir] "Access denied" connecting to remote Event Logs John, To re-iterate, I am using an account with membership of domain admins. The domain admins group has the right 'manage auditing and security logs' granted. neil -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of John Policelli Sent: 20 May 2005 16:28 To: [email protected] Subject: RE: [ActiveDir] "Access denied" connecting to remote Event Logs One other thing you may want to look at is whether the account you are using has Manage auditing and security log (SeSecurityPrivilege) on the Default DC Policy. From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of John Policelli Sent: Friday, May 20, 2005 11:21 AM To: [email protected] Subject: RE: [ActiveDir] "Access denied" connecting to remote Event Logs This is a new feature of Windows Server 2003. MS was smart enough to prevent regular users to view the Application and System log. With Windows 2000, authenticated users can read the Application log and System log on a domain controller. Having said this, users require a specific right to access the Security log on a domain controller. From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ruston, Neil Sent: Friday, May 20, 2005 10:29 AM To: [email protected] Subject: [ActiveDir] "Access denied" connecting to remote Event Logs I have 2 DCs in a [test] domain - one w2k sp3, the other w2k3 sp0. The domain is w2k native. I am logged on to both DCs using an account which is a member of domain admins. If I connect to the event viewer on the w2k DC from the w2k3 DC, no problem. If I connect to the event viewer on the w2k3 DC from the w2k DC, I receive 'access denied'. Domain Admins have the right to "logon locally", "manage auditing and sec logs" and "access this computer from the network" (all set via GPO) Which setting / policy should I check or change to fix this issue? Thanks in advance, neil ============================================================================== This message is for the sole use of the intended recipient. If you received this message in error please delete it and notify us. If this message was misdirected, Credit Suisse, its subsidiaries and affiliates (CS) do not waive any confidentiality or privilege. CS retains and monitors electronic communications sent through its network. Instructions transmitted over this system are not binding on CS until they are confirmed by us. Message transmission is not guaranteed to be secure. ============================================================================== ============================================================================== This message is for the sole use of the intended recipient. If you received this message in error please delete it and notify us. If this message was misdirected, Credit Suisse, its subsidiaries and affiliates (CS) do not waive any confidentiality or privilege. CS retains and monitors electronic communications sent through its network. Instructions transmitted over this system are not binding on CS until they are confirmed by us. Message transmission is not guaranteed to be secure. ============================================================================== List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
