Security Exception when writing to Event Log

Symptom

The following message may occur during the submission of a transaction:

System.Security.SecurityException: The source was not found, but some or all event logs could not be searched. Inaccessible logs: Security

Cause

This scenario may occur following a PanatrackerGP upgrade or installation, or following a server update. The message indicates that an application (e.g. PanatrackerGP) is attempting to write a message (informational or error condition) into the server's event log. However, security on the server is prohibiting the application process from completing the entry because the Security log cannot be accessed. Note that this is not a PanatrackerGP nor Dynamics GP issue, but rather relates to a server configuration. In this case, the "source" that is referred to is likely "Panatracker", which is used by the event log as a mechanism to group event log messages. The condition is occurring because the server is not allowing the creation of this source.

PanatrackerGP is attempting to access the security log via the IIS process configured in the IIS application pool. For example, the IIS pool identity could be "Network Service" or another process. In this instance, this configured process does not have the permission to create the log source. Therefore, it cannot write the actual message it is attempting to write to the event log.

Solution

Please note there are likely multiple ways to resolve this issue. Please consult with your partner or server engineer to confirm the best solution for your scenario.

Additional background on this message can be found here:  http://stackoverflow.com/questions/1274018/system-security-securityexception-when-writing-to-event-log/3138269#3138269

The following steps can be used to give the Network Service process additional privileges to allow it to create the missing event source.

Perform a registry backup before making changes to the registry.

  1. Open IIS and navigate to Application Pools
  2. Change application pool identity for the Panatracker site to Network Service.
  3. Open the Registry Editor by selecting Start then Run and enter regedt32 or regedit.
  4. Navigate/expand the following key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Security
  5. Right click on this entry and select Permissions
  6. Add the Network Service user and give Network Service user Full Control
  7. Navigate/expand to the following key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog
  8. Right click on this entry and select Permissions
  9. Add the Network Service user and give Network Service user Full Control

Once the above changes have been made, reattempt the failing transaction TWICE. This is suggested because the server will use the first attempt to create the source, and the second to write the message that it originally wanted to write. 

 

Have more questions? Submit a request

Comments