Jay Kay
2012-03-29 15:04:32 UTC
Jay Kay [http://community.zenoss.org/people/jcc2186] created the discussion
"Re: ZenEventlog: Could not read the Windows event log (NT_STATUS_ACCESS_DENIED)."
To view the discussion, visit: http://community.zenoss.org/message/65612#65612
--------------------------------------------------------------
Hi All,Â
I am hitting a brick wall with this too, was there ever a solution to this? I am trying to monitor a server 2003 machine and I have tried this with a local admin account on it and a domain admin account as well (Both local and on the somain). I have followed the guides on adding the CIMV2 security for these 2 accounts on: wmimgmt.msc & dcomconfig. I even went ahead and granted Full read, write and execute permissions for these two (for testing of course) but it didnt help.Â
I turned off the firewall on the windows system and still no go. I also went ahead and ran:
sc sdset SCMANAGER D:(A;;CCLCRPRC;;;AU)(A;;CCLCRPWPRC;;;SY)(A;;KA;;;BA)S:(AU;FA;KA;;;WD)(AU;OIIOFA;GA;;;WD)
wmic -U 'domain\user' //hostname 'SELECT Message FROM Win32_NTLogEvent WHERE LogFile="Internet Explorer"'
wmic -U 'domain\user' //hostname 'SELECT Message FROM Win32_NTLogEvent WHERE LogFile="Security"'
wmic -U 'domain\user' //hostname 'SELECT Message FROM Win32_NTLogEvent WHERE LogFile="System"'
And the commands return every single log in the machine, but there is still an alert going off on the Zenoss GUI interface telling me:
Here is the error message I get in my zeneventlog as well as the Zenoss web GUI for this server:
2012-03-29 10:42:41,174 ERROR zen.zeneventlog: Unable to scan device 192.168.6.22: NT_STATUS_ACCESS_DENIED
Any help would be greatly appreciated.
Regards,
-Juan
--------------------------------------------------------------
Reply to this message by replying to this email -or- go to the discussion on Zenoss Community
[http://community.zenoss.org/message/65612#65612]
Start a new discussion in zenoss-users by email
[discussions-community-forums-zenoss--***@community.zenoss.org] -or- at Zenoss Community
[http://community.zenoss.org/choose-container!input.jspa?contentType=1&containerType=14&container=2003]
"Re: ZenEventlog: Could not read the Windows event log (NT_STATUS_ACCESS_DENIED)."
To view the discussion, visit: http://community.zenoss.org/message/65612#65612
--------------------------------------------------------------
Hi All,Â
I am hitting a brick wall with this too, was there ever a solution to this? I am trying to monitor a server 2003 machine and I have tried this with a local admin account on it and a domain admin account as well (Both local and on the somain). I have followed the guides on adding the CIMV2 security for these 2 accounts on: wmimgmt.msc & dcomconfig. I even went ahead and granted Full read, write and execute permissions for these two (for testing of course) but it didnt help.Â
I turned off the firewall on the windows system and still no go. I also went ahead and ran:
sc sdset SCMANAGER D:(A;;CCLCRPRC;;;AU)(A;;CCLCRPWPRC;;;SY)(A;;KA;;;BA)S:(AU;FA;KA;;;WD)(AU;OIIOFA;GA;;;WD)
From Start- Run - CMD (As administrator) and still no go.
wmic -U 'domain\user' //hostname 'SELECT Message FROM Win32_NTLogEvent WHERE LogFile="Application"'wmic -U 'domain\user' //hostname 'SELECT Message FROM Win32_NTLogEvent WHERE LogFile="Internet Explorer"'
wmic -U 'domain\user' //hostname 'SELECT Message FROM Win32_NTLogEvent WHERE LogFile="Security"'
wmic -U 'domain\user' //hostname 'SELECT Message FROM Win32_NTLogEvent WHERE LogFile="System"'
And the commands return every single log in the machine, but there is still an alert going off on the Zenoss GUI interface telling me:
Here is the error message I get in my zeneventlog as well as the Zenoss web GUI for this server:
2012-03-29 10:42:41,174 ERROR zen.zeneventlog: Unable to scan device 192.168.6.22: NT_STATUS_ACCESS_DENIED
Any help would be greatly appreciated.
Regards,
-Juan
--------------------------------------------------------------
Reply to this message by replying to this email -or- go to the discussion on Zenoss Community
[http://community.zenoss.org/message/65612#65612]
Start a new discussion in zenoss-users by email
[discussions-community-forums-zenoss--***@community.zenoss.org] -or- at Zenoss Community
[http://community.zenoss.org/choose-container!input.jspa?contentType=1&containerType=14&container=2003]