事件日志写入权限 [英] EventLog write permissions
问题描述
我的问题与对 Windows 事件日志的写入权限有关.我查看了几篇与此相关的帖子,并找到了一些方法来解决我的问题,但对于我当前的情况,这些都不可接受.
My question is related to write permissions to the Windows Event Log. I have looked around several posts concering this, and have found some ways to solve my problem, but none of these are acceptable for my current scenario.
我在 .NET 4.0 中使用 C#.我使用 EventLog 类:EventLog 类
I use C# in .NET 4.0. I use the EventLog class: EventLog class
简而言之,我需要看看是否有办法模拟或使用经过身份验证的用户和密码进行身份验证,以达到我需要写入事件日志的权限.服务器将始终在 Windows Server 系列中,但版本可能会有所不同.
In short, I need to see if there is a way to impersonate or authenticate with an authenticated user and password to reach the right I need to write to the Event Log. The server will always be in the Windows Server family, but the version may vary.
我的应用程序是使用以下帐户之一运行的 Windows 服务:
My application is a Windows Service running with one of the following accounts:
- 网络服务
- 本地服务
- 本地系统
- 权限受限的用户(用户或域用户组)
以下是我的一些其他标准:
Here are some other criterias I have:
- 我无法将服务用户设置为管理员,甚至无法将本地管理员设置为服务器
- 我无法编辑或更改注册表
- 我无法更改服务器上的 UAC 或任何组策略
- 我有一个拥有管理员权限的用户,但它不能用于运行服务
- 事件日志将始终是本地事件日志,而不是在远程机器上
- 日志可能永远是应用程序"日志
- 来源可能有所不同,这似乎是问题的核心
- I cannot put the service user as Administrator, not even local administrator on the server
- I cannot edit or alter the registry
- I cannot alter the UAC or any group policies on the server
- I have a user with Administrator rights, but it cannot be used to run the service
- The Event Log will always be the local Event Log, not on a remote machine
- The Log will probably always be the "Application" log
- The Source may vary, and that seems to be the heart of the problem
我的问题是:这可能吗?
我可以在我的代码中模拟用户来实现我的需要吗?我在连接 Web 服务、登录 smtp 服务器以及登录数据库等时都会这样做.
Can I impersonate a user in my code to achieve what I need? I do that when connecting to web services, logging on to smtp servers and of courseclogging in to databases etc.
我偶然发现了这门课:EventLogPermission 类
但我似乎无法很好地理解如何使用该类.
But I cannot seem to get a good concept on how to use the class.
我希望我已经很好地表达了我的问题.由于我的标准,我不认为这是另一个帖子的重复.
I hope I have expressed my problem good. I don't concider this a duplicate of another post because of my criterias.
推荐答案
答案是否定的.
我意识到没有按照我要求的方式解决这个问题的好方法.必须手动完成.
I realize there are no good way of solving this the way I requested. There must be a manual job done.
因此,我针对此场景选择的解决方案是,无法以管理员身份运行服务或手动编辑注册表的客户无法使用日志记录到事件日志的功能.我将使从配置中启用和禁用日志记录成为可能.
So the solution I pick for this scenario is that customers who cannot run the service as an administrator or do a manual registry edit cannot use the functions around logging to event log. And I will make it possible to enable and disable the logging from the config.
管理员用户和注册表编辑对我来说是已知的方式,但正如我所说的那样我试图避免.但这一次,按照我的标准,这似乎是不可能的.
Admin user and registry edit are known ways for me, but as stated something I was trying to avoid. But that is, as it seems, not possible according to my criterias this time.
这篇关于事件日志写入权限的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
