|Applies To||Microsoft Windows NT 4.0|
RSA ACE/Agent 4.4 for Windows NT (no longer supported as of 3-3-2003)
|Issue||Windows NT Agent logging to flat file and not to the Event Log|
Log messages in Winnt\System32\ACECLIENT.LOG
Log messages not written to Event Log
IIS Web Server stops responding to requests
|Cause||ACE/Agent writes a number of messages to the Application Log of Windows NT. Some of the messages are written by the SYSTEM account and others are written by the anonymous web user account (IUSR_machinename). The anonymous web user is a member of the "Guests" group and inherits restrictions from the Guest user account.|
|Resolution||Verify that the Guest user is allowed to write to the Application Log:|
1. Run Regedt32
2. Browse to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\Application
3. Look for a Value "RestrictGuestAccess". If this value is present then delete it and reboot the machine.
To restrict access to the Event Log this value would be set to REG_DWORD 1.
You can also restrict which messages are written to the Application Log by the ACE/Agent.
1. Go to Start->Settings->Control Panel->RSA ACE/Agent
2. Select the "Advanced" tab
3. Event Log filtering of "Default" will log all messages
4. Change the option to Low, Medium or High to filter messages and reduce the amount of information written to the Application Log. A setting of "High" will filter the most information out of the Application Log.
|Legacy Article ID||a4998|