isn't eventlog a virtual account, not a security group? Are these Windows 2008 DCs you are using?
*Eventlog and EventSystem are Virtual Accounts. Virtual Accounts were introduced in Windows Server 2008 and Windows 7. (1)Virtual Accounts aren't created but are used to run services. You access them by typing NT SERVICE\[service name] into the 'This account' field on the service's Log On tab in the service management console and leaving the password fields blank. Virtual Accounts have the same permissions as Network Service: They have standard user rights on the local machine but communicate with the network as the local computer account. (2)Using virtual accounts Virtual accounts require very little management. They cannot be created or deleted, nor do they require any password management. You must be a member of the Administrators group on the local computer to perform the following procedures. To configure a service to use a virtual account 1. Click Start, point to Administrative Tools, and then click Services. 2. In the details pane, right-click the service that you want to configure, and then click Properties. 3. Click the Log On tab, click This account, and then type NT SERVICE\ServiceName. When you are finished, click OK. 4. Restart the service for the change to take effect.* http://technet.microsoft.com/en-us/library/dd548356%28WS.10%29.aspx On 8 March 2011 14:36, James Kerr <[email protected]> wrote: > I want to give access to folder system32\winevt\logs to the EventLog > security group on a DC, trouble is I can't find it. On servers where I can > see that group has full control of that folder, if I do a search of security > groups EventLog isn't an option. Anyone have any ideas? > > James > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to [email protected] > with the body: unsubscribe ntsysadmin > -- "On two occasions...I have been asked, 'Pray, Mr Babbage, if you put into the machine wrong figures, will the right answers come out?' I am not able rightly to apprehend the kind of confusion of ideas that could provoke such a question." *IMPORTANT: This email is intended for the use of the individual addressee(s) named above and may contain information that is confidential, privileged or unsuitable for overly sensitive persons with low self-esteem, no sense of humour or irrational religious beliefs. If you are not the intended recipient, any dissemination, distribution or copying of this email is not authorised (either explicitly or implicitly) and constitutes an irritating social faux pas. Unless the word absquatulation has been used in its correct context somewhere other than in this warning, it does not have any legal or no grammatical use and may be ignored. No animals were harmed in the transmission of this email, although the kelpie next door is living on borrowed time, let me tell you. Those of you with an overwhelming fear of the unknown will be gratified to learn that there is no hidden message revealed by reading this warning backwards, so just ignore that Alert Notice from Microsoft. However, by pouring a complete circle of salt around yourself and your computer you can ensure that no harm befalls you and your pets. If you have received this email in error, please add some nutmeg and egg whites, whisk and place in a warm oven for 40 minutes.* ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
