Monthly Archives: December 2011

eventlog Security Group for Windows Event Logs

I had a bit of a hard time with this one, so hopefully I can save someone else the trouble of finding this information…

We have a security requirement to configure the ACLs for event logs so their access is restricted.  In Windows 7/Server 2008, a new virtual account, “eventlog” is required to have full access to the logs to ensure proper functionality.

Since we configure the ACLs using Group Policy, I needed to include this as part of a file permission set.  In order to do this you must search for “NT SERVICE\eventlog” on the local machine.  You will not be able to locate the account any other way.

I suspect that this can also be configured using SDDL in the new event log GP Admin Templates, but haven’t had a chance to play with that.  If anyone has any experience with this policy, please link a post to my site…


jnlp (Java Network Launching Protocol) does not run from IE, only prompts to save

If you’re running a secure network, you may encounter a situation where you try to launch a Java web app (from an SSL session) and instead IE will only give you the option to save the jnlp file.  Assuming that your JRE version is current, this is likely due to the following Group Policy being enabled:

Computer Configuration | Administrative Templates | Windows Components | Internet Explorer | Internet Control panel | Advanced Page | Do not save encrypted pages to disk

This causes IE to block saving the jnlp file to the cache, which also precludes it from launching.