Security logs are not available for users in eventlog group. I've checked this down to security event log file. eventlog group has all permissions.
Unfortunately I cannot add my user to Administrators group.
Which local\domain policy can block this?
Asked
Active
Viewed 2,304 times
1
-
Take a look at this article it will give you multiple ways of changing rights for eventlog access: https://support.microsoft.com/en-us/kb/323076 – Eugene R. Apr 28 '15 at 21:12
1 Answers
0
Event Log Readers builtin domain local group usually works for vanilla access using tools such as Event Viewer.
You may want to check your security log (with auditing enabled) to confirm the identity that is actually failing access. In some cases, this may be the Network Service well-known identity. You may be able to add this to the Event Log Readers group to resolve the issue.
Greg Askew
- 34,339
- 3
- 52
- 81