Yeah I saw that article, problem is one screw up and you could waste the eventlogs on all the DC's and the DC's are in production, I rather not have to play around trying to calculate the codes for SDDL and stuff. With as many DC's as I have Id have to update the .INF file, register it, on all the DC's and Id have to do this in a test environment first to verify it works before doing change management in production.
Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:[email protected] Cell:401-639-3505 From: James Rankin [mailto:[email protected]] Sent: Thursday, October 28, 2010 8:27 AM To: NT System Admin Issues Subject: Re: Question on Granting service account read access to Domain Controller Eventlogs Maybe this? http://support.microsoft.com/kb/323076 On 27 October 2010 16:31, Ziots, Edward <[email protected]> wrote: Running a Windows 2008 R2 DFL/FFL domain, security team needs a service account to have read only access to the Security Eventlog accordingly. Is there a way via the Default Domain Controllers Policy to Grant this, or maybe a users right in Windows 2008 R2 accordingly? Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:[email protected] <mailto:email%[email protected]> Cell:401-639-3505 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin -- "On two occasions...I have been asked, 'Pray, Mr Babbage, if you put into the machine wrong figures, will the right answers come out?' I am not able rightly to apprehend the kind of confusion of ideas that could provoke such a question." ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
