I have also asked this question in a Microsoft Forum, but no answers there yet.
I am in the process of building out a Windows 2012 server to replace a legacy Windows 2008 server. I am testing a legacy batch script that logs informational or system events under different circumstances. However, the script is failing with the error "Access is denied".
I did some debugging and discovered the failure is with the EVENTCREATE line.
Below is an example of the command and its failure:
C:\SCRIPTS>EVENTCREATE /t WARNING /d "testing" /id 411
ERROR: Access is denied.
If I execute this command as myself (administrator) it works fine. But if one of the users executes it, it fails.
I did google around as well as check Stack Overflow and its sibling sites, and observed that this sort of behavior was reported when the /so parameter is used. However, I am not using the /so parameter.
I've confirmed that the user has access to the EVENTCREATE command. If they invoke it with /? they see the help contents for it.
Is there some sort of group policy permission setting I need to adjust? Something else?
Thanks in advance for your help.
I suspect that the issue here is that you are not using the /so switch which would normally let you specify an event source.
Since you are not using that parameter, the utility defaults to "EventCreate" as the event source. This means that the utility will need to register the "EventCreate" source in the registry, something that would require elevated permissions. A user running eventcreate likely won't have those necessary permissions.
Have you tried running it on the same machine as an admin, and then running it again as a user? I would think that this would work.
Alternatively I would also try to specify an event source, e.g. "Your Application" and stick with that. The event source "EventCreate" is very generic, and I wouldn't use it.
Finally, I'd recommend these blog articles to understand how logging to the event log works:
https://www.eventsentry.com/blog/2008/04/event-log-message-files-the-de.html
https://www.eventsentry.com/blog/2010/11/creating-your-very-own-event-m.html
I had the same and solved it by opening the command window AS administrator. Just being an administrator was not enough to execute the command. Right-click the icon and choose "Run as administrator".
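An added example, not part of the question or either answer: the one-time source registration described in the first answer, done with PowerShell's event log cmdlets instead of EVENTCREATE, together with the elevation check the second answer runs into. The source name `LegacyBatch` is a hypothetical placeholder, and the write step assumes the default permissions on the Application log.

```powershell
# Added example. 'LegacyBatch' is a hypothetical source name; choose one and keep it.
$LogName = 'Application'
$Source  = 'LegacyBatch'

function Test-IsElevated {
    # False for an administrator account running with a UAC-filtered token,
    # which is the "being an administrator was not enough" case.
    $identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = New-Object Security.Principal.WindowsPrincipal($identity)
    return $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)
}

if (Test-IsElevated) {
    # One-time provisioning: creating a source writes under HKLM, so it needs
    # an elevated session. SourceExists is only called here because an
    # unprivileged caller can get a SecurityException while it searches logs
    # it is not allowed to read.
    if (-not [System.Diagnostics.EventLog]::SourceExists($Source)) {
        New-EventLog -LogName $LogName -Source $Source
        Write-Output "Registered event source '$Source' in the $LogName log."
    }
}

# Everyday use: with the source already registered, no registry write is
# needed, so this part can run from a standard user's session.
try {
    Write-EventLog -LogName $LogName -Source $Source -EventId 411 `
        -EntryType Warning -Message 'testing' -ErrorAction Stop
    Write-Output "Event 411 written with source '$Source'."
}
catch {
    # Typical cause: the source has not been registered yet and this
    # session is not elevated.
    Write-Error "Could not write the event: $($_.Exception.Message)"
}
```

Run it once from an elevated PowerShell window to register the source; after that, the same script writes the event from an unelevated session.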