I would have thought that user right should do it, to be fair On 28 October 2010 13:55, Ziots, Edward <ezi...@lifespan.org> wrote:
> Yep, DC access is strictly limited, especially with the new Win2k8R2 > Domain. > > > > If Manage Audit and Security Logs user right along with EventLog Readers > group access doesn’t cut it for them, then ohh well. > > > > Z > > > > Edward E. Ziots > > CISSP, Network +, Security + > > Network Engineer > > Lifespan Organization > > Email:ezi...@lifespan.org <email%3aezi...@lifespan.org> > > Cell:401-639-3505 > > > > *From:* James Rankin [mailto:kz2...@googlemail.com] > *Sent:* Thursday, October 28, 2010 8:51 AM > > *To:* NT System Admin Issues > *Subject:* Re: Question on Granting service account read access to Domain > Controller Eventlogs > > > > I take it giving the service account admin access to the DCs is a big no-no > as well :-) or, I suppose, rather defeats the object > > On 28 October 2010 13:47, Ziots, Edward <ezi...@lifespan.org> wrote: > > Yeah I saw that article, problem is one screw up and you could waste the > eventlogs on all the DC’s and the DC’s are in production, I rather not have > to play around trying to calculate the codes for SDDL and stuff. With as > many DC’s as I have Id have to update the .INF file, register it, on all the > DC’s and Id have to do this in a test environment first to verify it works > before doing change management in production. > > > > Z > > > > Edward E. Ziots > > CISSP, Network +, Security + > > Network Engineer > > Lifespan Organization > > Email:ezi...@lifespan.org <email%3aezi...@lifespan.org> > > Cell:401-639-3505 > > > > *From:* James Rankin [mailto:kz2...@googlemail.com] > *Sent:* Thursday, October 28, 2010 8:27 AM > > > *To:* NT System Admin Issues > *Subject:* Re: Question on Granting service account read access to Domain > Controller Eventlogs > > > > Maybe this? http://support.microsoft.com/kb/323076 > > On 27 October 2010 16:31, Ziots, Edward <ezi...@lifespan.org> wrote: > > Running a Windows 2008 R2 DFL/FFL domain, security team needs a service > account to have read only access to the Security Eventlog accordingly. Is > there a way via the Default Domain Controllers Policy to Grant this, or > maybe a users right in Windows 2008 R2 accordingly? > > > > Z > > > > Edward E. Ziots > > CISSP, Network +, Security + > > Network Engineer > > Lifespan Organization > > Email:ezi...@lifespan.org <email%3aezi...@lifespan.org> > > Cell:401-639-3505 > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > > > > -- > "On two occasions...I have been asked, 'Pray, Mr Babbage, if you put into > the machine wrong figures, will the right answers come out?' I am not able > rightly to apprehend the kind of confusion of ideas that could provoke such > a question." > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > > > > -- > "On two occasions...I have been asked, 'Pray, Mr Babbage, if you put into > the machine wrong figures, will the right answers come out?' I am not able > rightly to apprehend the kind of confusion of ideas that could provoke such > a question." > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > -- "On two occasions...I have been asked, 'Pray, Mr Babbage, if you put into the machine wrong figures, will the right answers come out?' I am not able rightly to apprehend the kind of confusion of ideas that could provoke such a question." ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin