Open Registry Editor
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\CustomSD
b) Append to the original value above this string: (A;;0x1;;;SID)
For example, the original value of CustomSD for Application log is:
O:BAG:SYD:(A;;0x1;;;AU)(D;;0xf0007;;;AN)(D;;0xf0007;;;BG)(A;;0xf0007;;;SY) the value you need to set in the item "Eventlog: Security descriptor for Application event log" should be like: O:BAG:SYD:(A;;0x1;;;AU)(D;;0xf0007;;;AN)(D;;0xf0007;;;BG)(A;;0xf0007;;;SY)(A;;0x1;;;S-1-5-21-3211348086-2200026103-929403915-11722)
Instead of adding a user SID , add a group SID so next time you can add a user on that group for giving the same permission, I have tested that and that should be OK. _____________________________________________________________________ Original URL: http://social.technet.microsoft.com/Forums/en-US/winserverDS/thread/1dca0cee-2886-4749-8c09-8a6d56d02c0e/ Download the SID finder tool from the below link. http://sites.google.com/site/bshwjt/objsid.zip
Ed Price - MSFT edited Revision 3. Comment: Updated title casing per guidelines