Posts Tagged ‘windows 2003’

SharePoint Bending: Allow Non-Administrator Users to Write to the Event Log

Tuesday, March 4th, 2008

Windows SharePoint Services 3.0
Recently, a colleague asked me about an error that happened after he moved a WSS 3.0 Web site from the development to the production server.

When logged in as an administrator, all pages can be accessed successfully. But as a regular user, I got an “Access is denied” page when opening some pages containing some custom web parts with the following exception detail: System.ComponentModel.Win32Exception: Access is denied. Below it, in the stack trace, another exception popped: InvalidOperationException: Cannot open log for source ‘Some_webpart’. You may not have write access.

This happens because non-administrator users do not have—by default—the permission to write to the event log. So for this problem, just give the non-administrator users permission to write to the event log. If only it is that simple. Unfortunately, there are no easy (user-friendly) ways. To do this, follow the following steps:

  1. Fire up the registry editor which is usually located in C:\WINDOWS\regedit.exe.
  2. Navigate to: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application.
  3. Look for the entry CustomSD, it should contain string similar to:

    O:BAG:SYD:(D;;0xf0007;;;AN)(D;;0xf0007;;;BG)(A;;0xf0007;;;SY)(A;;0x7;;;BA) (A;;0x7;;;SO)(A;;0x3;;;IU)(A;;0x3;;;SU)(A;;0x3;;;S-1-5-3)

    The string is formatted as an SDDL, you can find more information about the format at Microsoft’s site.

  4. Now tell Windows to give the event log’s read-write permission to all authenticated users. To do this, append the string (A;;0x3;;;AU) to the entry CustomSD thus it becomes:

    O:BAG:SYD:(D;;0xf0007;;;AN)(D;;0xf0007;;;BG)(A;;0xf0007;;;SY)(A;;0x7;;;BA) (A;;0x7;;;SO)(A;;0x3;;;IU)(A;;0x3;;;SU)(A;;0x3;;;S-1-5-3)(A;;0x3;;;AU)

After following the above steps, retry visiting the pages on your SharePoint site. Now the “access denied” problem should have gone. Hope this will help you running your MOSS 2007 or WSS 3.0 installation on Windows 2003 Server.

Disclaimer: remember to backup your registry before making any changes. I am not responsible for your system damages because of any registry errors.

Tags: , ,
Posted in Programming | No Comments »