EventLog write permissions

My question is related to write permissions to the Windows Event Log. I have looked around several posts concering this, and have found some ways to solve my problem, but none of these are acceptable for my current scenario.

I use C# in .NET 4.0. I use the EventLog class: EventLog class

In short, I need to see if there is a way to impersonate or authenticate with an authenticated user and password to reach the right I need to write to the Event Log. The server will always be in the Windows Server family, but the version may vary.

My application is a Windows Service running with one of the following accounts:

• Network Service
• Local Service
• Local System
• User with restricted rights (Users or Domain Users groups)

Here are some other criterias I have:

• I cannot put the service user as Administrator, not even local administrator on the server
• I cannot edit or alter the registry
• I cannot alter the UAC or any group policies on the server
• I have a user with Administrator rights, but it cannot be used to run the service
• The Event Log will always be the local Event Log, not on a remote machine
• The Log will probably always be the "Application" log
• The Source may vary, and that seems to be the heart of the problem

My question is : Is this at all possible?

Can I impersonate a user in my code to achieve what I need? I do that when connecting to web services, logging on to smtp servers and of courseclogging in to databases etc.

I stumbled into this class: EventLogPermission Class

But I cannot seem to get a good concept on how to use the class.

I hope I have expressed my problem good. I don't concider this a duplicate of another post because of my criterias.

The key here is the administrator level permission at install time, which is simply required if you want to operate under default/safe security settings.

I am aware of that, and those are stuff I normally do. But both breaks my criterias (as stated in the question). I am unable to edit or alter the registry. And I cannot register the sources ahead of time, as my source may vary.

@MatsMagnem, I am pretty sure you can edit the registry at service installation time. When you install windows service, you need administrative permissions anyways, so you can tweak the permissions while you are at it. Once it is done, and your service is running, you don't need to modify registry.

I can, of couse. and I will if I have to. But this is a product sold to be installed at the cutsomer's own environment. Most government and corporate customers will often not give me a user with administrative right due to policies and politics. The installation itself does not need administrator privileges, neither does over-all running of the solution. So it's not my choice. If I have to, I will. But if I can avoid it by impersonating a user (which is ok because they can set username and password after insall), that would be swell :-)

@MatsMagnem, The installation itself does not need administrator privileges -- This is not true, to install windows service you need to be administrator on machine.

Ok, that's true. Wohever, my question remains. And that's if there is a possibility to accomplish what I like without having to run the service as an sdministrator user or access the Windows Registry. Many bigger customers are not happy when I need to have to alter the registry. It must be a valid criteria for a question.

@MatsMagnem, you maybe not realizing it, but when installing windows service you already are making a change in registry. Having changed one more reg key is not something that you are not doing during your installation. Solution I proposed works for a service running under account of low privileged user, and you don't need to modify any reg key while service is running (only during installation time). I downvoted your question because your criteria are contradictory. Add clear explanation what you are looking for (and why you need it) so I can remove my downvote.

You explain a manual edit in the registry. I find it hard to put a manual registry edit in the install documentation. The installation of the service is done by code and does not require a manual action. The application that create the service has a manifest that require admin rights. I realize there is no way of impersonating. So the way to go is to try and do the registry edit in a safe way in that app.

So it's not the matter of A registry change. It's the fact that it's manual. And the install person may not have the qualifications to do a proper change in the registry in a safe way. I may not be the installer in all cases. So I look for a non-manual way. But there might not be one. So the answer to my question should be "no" and not a down-vote.

-1: To modify a registry from your code use Windows Registry API, inside your installation process. It does not have to be manual.

The other suggestions described manual edits and did not answer my specific question. They were alternative methods, and not what I asked for.

As mentioned you can write an installer component such that when it installs your service it also automatically adds an event source (and removes it on uninstall). You acknowledged that the installation has to be done as a user with admin rights so there clearly is a solution hence the downvote on the "answer".

@Peter interesting approach, you should've posted it as an answer.