Cool. I wonder why this is somewhat common...
On Tue, Mar 8, 2011 at 2:04 PM, James Kerr <[email protected]> wrote: > Yes, I just did the same thing and was able to setup the ACL properly by > selecting the DC. Thanks to all for the help. > > James > > > On Tue, Mar 8, 2011 at 1:58 PM, Richard Stovall <[email protected]> wrote: > >> Just for grins I went to a test DC I have for an upcoming project and was >> able to add the "NT Service\eventlog" account (no quotes when adding the >> account) to random filesystem ACLs. I did have to change the focus of the >> search location to the DC and not the directory. >> >> On Tue, Mar 8, 2011 at 1:03 PM, James Kerr <[email protected]> wrote: >> >>> No sir, I cannot find it. On the servers that have the proper perms the >>> icon used is the same as the other security groups that have access to that >>> folder. Google has not been helpful yet in trying to resolve this. >>> >>> On Tue, Mar 8, 2011 at 10:43 AM, James Rankin <[email protected]>wrote: >>> >>>> AFAIK, it's a user, not a group, that you are seeing. Can you access it >>>> by typing NT SERVICE\eventlog in the search field? >>>> >>>> >>>> On 8 March 2011 15:40, James Kerr <[email protected]> wrote: >>>> >>>>> Yes, 2008. The logon tab for Windows Event Log service is grayed out >>>>> but says its using local service. On my other 2008 machines including >>>>> another DC on another domain when I look at the logs folders security >>>>> properties I see EventLog listed with full control. I would like to have >>>>> that configured on this other DC also but I don't see a way to do that. >>>>> >>>>> >>>>> On Tue, Mar 8, 2011 at 9:58 AM, James Rankin <[email protected]>wrote: >>>>> >>>>>> isn't eventlog a virtual account, not a security group? Are these >>>>>> Windows 2008 DCs you are using? >>>>>> >>>>>> *Eventlog and EventSystem are Virtual Accounts. Virtual Accounts were >>>>>> introduced in Windows Server 2008 and Windows 7. >>>>>> >>>>>> (1)Virtual Accounts aren't created but are used to run services. You >>>>>> access them by typing NT SERVICE\[service name] into the 'This account' >>>>>> field on the service's Log On tab in the service management console and >>>>>> leaving the password fields blank. Virtual Accounts >>>>>> have the same permissions as Network Service: They have standard user >>>>>> rights on the local machine but communicate with the network as the local >>>>>> computer account. >>>>>> >>>>>> (2)Using virtual accounts >>>>>> >>>>>> Virtual accounts require very little management. They cannot be >>>>>> created or deleted, nor do they require any password management. >>>>>> >>>>>> You must be a member of the Administrators group on the local computer >>>>>> to perform the following procedures. >>>>>> To configure a service to use a virtual account >>>>>> >>>>>> 1. Click Start, point to Administrative Tools, and then click >>>>>> Services. >>>>>> 2. In the details pane, right-click the service that you want to >>>>>> configure, and then click Properties. >>>>>> 3. Click the Log On tab, click This account, and then type NT >>>>>> SERVICE\ServiceName. When you are finished, click OK. >>>>>> 4. Restart the service for the change to take effect.* >>>>>> >>>>>> http://technet.microsoft.com/en-us/library/dd548356%28WS.10%29.aspx >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> On 8 March 2011 14:36, James Kerr <[email protected]> wrote: >>>>>> >>>>>>> I want to give access to folder system32\winevt\logs to the EventLog >>>>>>> security group on a DC, trouble is I can't find it. On servers where I >>>>>>> can >>>>>>> see that group has full control of that folder, if I do a search of >>>>>>> security >>>>>>> groups EventLog isn't an option. Anyone have any ideas? >>>>>>> >>>>>>> James >>>>>>> >>>>>>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >>>>>>> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >>>>>>> >>>>>>> --- >>>>>>> To manage subscriptions click here: >>>>>>> http://lyris.sunbelt-software.com/read/my_forums/ >>>>>>> or send an email to [email protected] >>>>>>> with the body: unsubscribe ntsysadmin >>>>>>> >>>>>> >>>>>> >>>>>> >>>>>> -- >>>>>> "On two occasions...I have been asked, 'Pray, Mr Babbage, if you put >>>>>> into the machine wrong figures, will the right answers come out?' I am >>>>>> not >>>>>> able rightly to apprehend the kind of confusion of ideas that could >>>>>> provoke >>>>>> such a question." >>>>>> >>>>>> *IMPORTANT: This email is intended for the use of the individual >>>>>> addressee(s) named above and may contain information that is >>>>>> confidential, >>>>>> privileged or unsuitable for overly sensitive persons with low >>>>>> self-esteem, >>>>>> no sense of humour or irrational religious beliefs. If you are not the >>>>>> intended recipient, any dissemination, distribution or copying of this >>>>>> email >>>>>> is not authorised (either explicitly or implicitly) and constitutes an >>>>>> irritating social faux pas. >>>>>> >>>>>> Unless the word absquatulation has been used in its correct context >>>>>> somewhere other than in this warning, it does not have any legal or no >>>>>> grammatical use and may be ignored. No animals were harmed in the >>>>>> transmission of this email, although the kelpie next door is living on >>>>>> borrowed time, let me tell you. Those of you with an overwhelming fear of >>>>>> the unknown will be gratified to learn that there is no hidden message >>>>>> revealed by reading this warning backwards, so just ignore that Alert >>>>>> Notice >>>>>> from Microsoft. >>>>>> >>>>>> However, by pouring a complete circle of salt around yourself and your >>>>>> computer you can ensure that no harm befalls you and your pets. If you >>>>>> have >>>>>> received this email in error, please add some nutmeg and egg whites, >>>>>> whisk >>>>>> and place in a warm oven for 40 minutes.* >>>>>> >>>>>> >>>>>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >>>>>> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >>>>>> >>>>>> --- >>>>>> To manage subscriptions click here: >>>>>> http://lyris.sunbelt-software.com/read/my_forums/ >>>>>> or send an email to [email protected] >>>>>> with the body: unsubscribe ntsysadmin >>>>>> >>>>> >>>>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >>>>> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >>>>> >>>>> --- >>>>> To manage subscriptions click here: >>>>> http://lyris.sunbelt-software.com/read/my_forums/ >>>>> or send an email to [email protected] >>>>> with the body: unsubscribe ntsysadmin >>>>> >>>> >>>> >>>> >>>> -- >>>> "On two occasions...I have been asked, 'Pray, Mr Babbage, if you put >>>> into the machine wrong figures, will the right answers come out?' I am not >>>> able rightly to apprehend the kind of confusion of ideas that could provoke >>>> such a question." >>>> >>>> *IMPORTANT: This email is intended for the use of the individual >>>> addressee(s) named above and may contain information that is confidential, >>>> privileged or unsuitable for overly sensitive persons with low self-esteem, >>>> no sense of humour or irrational religious beliefs. If you are not the >>>> intended recipient, any dissemination, distribution or copying of this >>>> email >>>> is not authorised (either explicitly or implicitly) and constitutes an >>>> irritating social faux pas. >>>> >>>> Unless the word absquatulation has been used in its correct context >>>> somewhere other than in this warning, it does not have any legal or no >>>> grammatical use and may be ignored. No animals were harmed in the >>>> transmission of this email, although the kelpie next door is living on >>>> borrowed time, let me tell you. Those of you with an overwhelming fear of >>>> the unknown will be gratified to learn that there is no hidden message >>>> revealed by reading this warning backwards, so just ignore that Alert >>>> Notice >>>> from Microsoft. >>>> >>>> However, by pouring a complete circle of salt around yourself and your >>>> computer you can ensure that no harm befalls you and your pets. If you have >>>> received this email in error, please add some nutmeg and egg whites, whisk >>>> and place in a warm oven for 40 minutes.* >>>> >>>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >>>> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >>>> >>>> --- >>>> To manage subscriptions click here: >>>> http://lyris.sunbelt-software.com/read/my_forums/ >>>> or send an email to [email protected] >>>> with the body: unsubscribe ntsysadmin >>>> >>> >>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >>> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >>> >>> --- >>> To manage subscriptions click here: >>> http://lyris.sunbelt-software.com/read/my_forums/ >>> or send an email to [email protected] >>> with the body: unsubscribe ntsysadmin >>> >> >> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >> >> --- >> To manage subscriptions click here: >> http://lyris.sunbelt-software.com/read/my_forums/ >> or send an email to [email protected] >> with the body: unsubscribe ntsysadmin >> > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to [email protected] > with the body: unsubscribe ntsysadmin > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
