Using SemanticLogging-svc as a service - Access Denied - [Closed]

Topics: Semantic Logging Application Block
May 13, 2013 at 3:54 PM
Edited May 13, 2013 at 3:58 PM
I installed the SemanticLogging service using the command:
SemanticLogging-svc.exe -install
It installed as Manual startup with the account Local Service. I hit Start in the services console and get:
Windows could not start the Enterprise Library Semantic Logging Out-of-Process Service service on Local Computer.

Error 5: Access is denied.
Since I couldn't get SQL working on this machine (see this post) I've edited the .xml file to contain just one sink:
    <flatFileSink name="fileSink"
        <eventSource level="Verbose"
And I've granted Modify to LocalService on that folder.

If I try to run this in console mode as me (not elevated), I get an UnauthorizedAccessException, "Only users with administrative privileges, users in the Performance Log Users group, and services running as LocalSystem, LocalService, NetworkService can control event tracing sessions. To grant a restricted user the ability to control trace sessions, add them to the Performance Log Users group." [my emphasis] which suggests that LocalService should be able to to the ETW so what's the problem?
May 13, 2013 at 8:00 PM

It looks that when you run with LocalService the error is because of missing write permissions on the folder pointed by filename attr. Also make sure that your are setting all checks but Full control in the permissions dialog for LOCAL SERVICE. You can also try with another account with more privileges to discard any other missing permission.
Now for the console scenario, you account should be part of Perf.Log Users or you can also run the console elevated.
May 13, 2013 at 9:33 PM
Edited May 13, 2013 at 9:41 PM
When I used the standard .xml file and tried Modify (i.e. all but Full Control) on a standard client machine on my test domain it worked. I was pretty sure that's what I tried before on my dev box so I had a think. The difference was that on my dev box I had pointed the log file to another folder and granted Modify on that. When I moved it and granted Modify for LOCAL SERVICE on the log folder as well, it still worked. When I removed LOCAL SERVICE from the service folder permissions, it broke. Obviously, when I thought about it a bit more, LOCAL SERVICE required Read & Execute on the service folder. Doh!

Thanks for your help.