Article ID: 842209 - View products that this article applies to.
When you try to access an event log on a Microsoft Windows Server 2003-based computer or on a Microsoft Windows 2000-based computer, you receive the following error message:
Unable to complete the operation on event log. Access is denied.
By default, the built-in guest group and the built-in domain guest group cannot access the event logs. When a user is a member of the guest group or of the domain guest group, the user cannot access the event logs.
To resolve this problem, use one of the following methods.
Method 1Remove any user or group that must access the event logs from the guest group and from the domain guest group.
If the problem persists, add the user or the group to the permissions list for the event log files. To view an event log, the user or group must have Read permission.
Note The event log files are located in the following folder:
Method 2Important This section, method, or task contains steps that tell you how to modify the registry. However, serious problems might occur if you modify the registry incorrectly. Therefore, make sure that you follow these steps carefully. For added protection, back up the registry before you modify it. Then, you can restore the registry if a problem occurs. For more information about how to back up and restore the registry, click the following article number to view the article in the Microsoft Knowledge Base:
(http://support.microsoft.com/kb/322756/ )How to back up and restore the registry in Windows
Disable the Restrict guest access to application log guest policy, the Restrict guest access to security log guest policy, or the Restrict guest access to system log group policy from the Guest account in Windows 2000 Server if you want the policy to remain enabled.
To remove policies from the Default Domain Policy Group Policy settings, follow these steps:
Article ID: 842209 - Last Review: October 30, 2006 - Revision: 2.3