When writing to a new event source from my ASP.NET application running under the Network service security context, I get registry permission exception. Why is this and how do I correct this

From Guidance Share

Jump to: navigation, search

J.D. Meier, Prashant Bansode, Alex Mackman


On Windows Server 2003, ASP.NET runs by default using the Network Service account. This account has the required privileges to write to any existing event source in the Application event log, but not to create a new event source. The first time your application tries to write to the event log, it checks to see if an event source for your application (typically the application name) already exists. If not, it tries to create it. To create an event source, your ASP.NET account needs permissions to create a new registry entry beneath the following key: HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\. To enable your ASP.NET application to write to the event log using its own event source, you have two options:

  • Grant your ASP.NET process account (or impersonated identity if your application uses impersonation) permissions on the following registry key: HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\.
  • Create the event source at application install time when administrator privileges are available. You can use a .NET installer class, which can be instantiated by the Windows Installer (if you are using .msi deployment) or by the InstallUtil.exe system utility.

Note: When you use the event log provider with ASP.NET health monitoring, events are logged by using an event source named "ASP.NET <<.Net Version Number>>". This event source is created when you install the .NET Framework. This is not configurable and you cannot change the event source used by health monitoring events.

More Information

For more information to configure an event source in the event log for the account running ASP.NET, see http://support.microsoft.com/default.aspx?scid=kb;en-us;329291

Personal tools