Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations Chris Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

[HELP] AD GPO not applied unexpectedly

Status
Not open for further replies.
Nov 2, 2020
1
SA
A vendor is configuring a solution for my company that depends on WinRM (Windows Event Forwarding: All clients have to forward logs to a central windows server)..

One of the prerequisites that the vendor requested is to configure a GPO to give the "NETWORK SERVICE" account a permission to read from event logs (NOTE: WinRM service runs as "NETWORK SERVICE" account)..

The configuration should be a two straight-forward steps in a newly created GPO via group policy management (i.e. 1st: adding "Event Log Readers" group to "Restricted Groups" in the GPO and 2nd: adding the "NETWORK SERVICE" account to "Event Log Readers" group).


However when I created the GPO and applied it.. on the client machine I am testing on.. this permission is not given and this error appears on the RSOP (Resultant Set of Policy):

[highlight #FCE94F]The policy "NAME OF THE CREATED GPO" resulted in the following error An unknown error occurred when attempting to open the database.. For more information see %windir%\security\logs\winlogon.log on the target machine.[/highlight]

When I went to see the logs, I didn't find "winlogon.log" file in %windir%\security\logs folder.

All help is much appreciated.
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top