My question is related to write permissions to the Windows Event Log.
I have looked around several posts concering this, and have found some ways to solve my problem, but none of these are acceptable for my current scenario.
I use C# in .NET 4.0. I use the EventLog class:
EventLog class
In short, I need to see if there is a way to impersonate or authenticate with an authenticated user and password to reach the right I need to write to the Event Log. The server will always be in the Windows Server family, but the version may vary.
My application is a Windows Service running with one of the following accounts:
- Network Service
- Local Service
- Local System
- User with restricted rights (Users or
Domain Users groups)
Here are some other criterias I have:
- I cannot put the service user as Administrator, not even local administrator on the server
- I cannot edit or alter the registry
- I cannot alter the UAC or any group policies on the server
- I have a user with Administrator rights, but it cannot be used to run the service
- The Event Log will always be the local Event Log, not on a remote machine
- The Log will probably always be the "Application" log
- The Source may vary, and that seems to be the heart of the problem
My question is : Is this at all possible?
Can I impersonate a user in my code to achieve what I need?
I do that when connecting to web services, logging on to smtp servers and of courseclogging in to databases etc.
I stumbled into this class:
EventLogPermission Class
But I cannot seem to get a good concept on how to use the class.
I hope I have expressed my problem good. I don't concider this a duplicate of another post because of my criterias.
See Question&Answers more detail:
os 与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…