restrict access to Application Log

[jeremy]

Archived from groups: microsoft.public.win2000.security (More info?)

I want to restrict access to the App and System logs in Event viewer on remote servers. I know how to use GPO (or the reg hack) to disable Guest or unauthenticated users, but I want to restrict everyone but administrators (both local and domain). In server 2003 this is enabled by default, so how can I enable it on a Windows 2000 server?

 

[Guest]

Archived from groups: microsoft.public.win2000.security (More info?)

I don't know of a direct way to do that like to the guests, but it might help to
restrict users from using the Event Viewer and other mmc's in Group Policy user
configuration. Users also need access to file and print sharing on those servers to
view those logs remotely. You can configure the security policy on those servers to
allow only administrators for the user right for "access this computer from the
network" unless they are domain controllers. -- Steve


"Jeremy" <Jeremy@discussions.microsoft.com> wrote in message
news:EB3A4445-80C5-48AB-80F4-A02C57E02DF0@microsoft.com...
> I want to restrict access to the App and System logs in Event viewer on remote
servers. I know how to use GPO (or the reg hack) to disable Guest or unauthenticated
users, but I want to restrict everyone but administrators (both local and domain).
In server 2003 this is enabled by default, so how can I enable it on a Windows 2000
server?