How to solve permission errors for remote logging?
Created 2009-01-20 by
WinSyslog, EventReporter and MonitorWare Agent runs as a windows service. By default it runs with local system account permission. For local operations this is sufficient in the most cases. However, if you want to log to a remote drive for example, you have to grant sufficient privileges.
Failed to created subdirectories - Error: 3 or Could not create or open File - Error: 5. are typical error messages if the service is configured to log to a remote drive. The service's local system account has no write permission nor any other privileges on that remote drive. In order to make remote logging possible, you have to change the log on account of the service.
Important: You have to use an UNC path (like \\severname\sharename\path) in your 'Write to File Action' in order to log to remote. Map a network drive does not work, since the service does start in a different session without loading mapped drives.
Step 1 - Open Windows Services dialog
In Windows go to Start -> Control Panel -> Administrative Tools -> Services
Step 2 - Select the service properties
Right click on the service you want to configure (Adiscon EvntSLog = EventReporter, AdisconWINSyslog or AdisconMonitorWareAgent) then select 'Properties' from the menu.
Step 3 - Change the Log On permission
Switch to the 'Log On' tab and change the 'Log on as:' type to 'This account'. Now type in a user with sufficient privileges. Be sure for admit permissions for local recourses as well as for the remote one. To be on the safe side, use the Domainadmin account here.
Remember how windows authendication works in order to get the remote logging working.
You can verify if the user account works by connecting to the remote system interactively. For further details on windows permission, please take a look into Windows Administration manual.
- Domain only environment
Using a domain user with sufficient privileges.
- Two (or more) domains
Be sure that the same user (password have to be identical) exist in all domains. Grant privileges on domain basis as required.
- Domain and non-domain
Be sure that the same same user (password have to be identical) exist in the domain as well as on the non-domain computer. Grant privileges on domain and on the non-domain as required.
- None-domain e.g. workgroup
Be sure that the same user (password have to be identical) exist on all computer in question. Grant privileges on computer basis as required.
Step 4 - Restart service
Apply the changes and do not forget to restart the service.