I have a .NET web service that is trying to log to the Windows Event Log. However, when I try to send a SOAP request to a web method in this web service, I get back this error in the SOAP response:
System.InvalidOperationException: Cannot open log for source 'MySource'. You may not have write access. ---> System.ComponentModel.Win32Exception: Access is denied
I've tried Googling around for a solution. This one describes editing a registry key that does not exist for me in Windows 7 64-bit; same for this Microsoft page. This question is related but the only answer to it talks about a 'Source' key that does not seem to be anywhere in HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\eventlog\MySource. If I need to add a Source key, what does its value need to be? I am using impersonation in my web service's Web.config (<identity impersonate="true" />
). This question is related as well but has no answers. This question is related but again its answer doesn't seem to pertain to the registry setup in Windows 7.
I have both <authentication mode="Windows" />
and <identity impersonate="true" />
set in my Web.config. However, even when I remove <authentication mode="Windows" />
, I still get the "Cannot open log for source" error.
I was having the exact same problem in Windows 7 64 bit for my classic ASP web application. I eventually found that by changing the application pool for that website to "Enable 32-bit Applications" (right-click application pool, advanced settings) the problem disappeared.
See here:
http://msdn.microsoft.com/en-us/library/x7y6sy21.aspx
Note
To create an event source in Windows Vista, Windows XP Professional, or Windows Server 2003, you must have administrative privileges.
The reason for this requirement is that all event logs, including security, must be searched to determine whether the event source is unique. In Windows Vista, users do not have permission to access the security log; therefore, a SecurityException is thrown.
In Windows Vista, User Account Control (UAC) determines the privileges of a user. If you are a member of the Built-in Administrators group, you are assigned two run-time access tokens: a standard user access token and an administrator access token. By default, you are in the standard user role. To execute the code that accesses the security log, you must first elevate your privileges from standard user to administrator. You can do this when you start an application by right-clicking the application icon and indicating that you want to run as an administrator.
Solution: You should set up the log source using an installer or utility that runs as Administrator. If you are unsure, just use the same code that you use in your Web Service to log a 'Installation Utility Completed' message.
(You should not run the web service with Administrator privileges)
Hope that helps!