Verify that the user account has the required privileges to read the security logs.
After you have created a new account and enabled security log access, you must verify the ability to read the security logs.
Prerequisites
Enable security log access. See Enable Security Read-Only Log Access on Windows 2008.
Procedure
- From any workstation that is part of the domain, log on to the domain as an administrator.
- Navigate to Start > Administrative Tools > Event Viewer.
- Select Connect to Another Computer... from the Action menu. The Select Computer dialog box appears. (Note that you must do this even if you are already logged on to the machine for which you plan to view the event log.)
- Select the Another computer radio button, if it is not already selected.
- In the text field adjacent to the Another computer radio button, enter the name of the Domain Controller. Alternatively, click the Browse... button and then select the Domain Controller.
- Select the Connect as another user check box.
- Click the Set User... button. The Event Viewer dialog box appears.
- In the User name field, enter the user name for the user that you created.
- In the Password field, enter the password for the user that you created
- Click OK
- Click OK again.
- Expand the Windows Logs node in the navigation tree.
- Under the Windows Logs node, select the Security node. If you can see log events then the account has the required privileges.