Installation Event log exceptions v1.0.0.1362

G'day,

I'm just testing an installation I did last week. The web site isn't working, so I reviewed services and the event log to try and determine the problem. I think there is a permissions problem with the service log, when you run the service under a non Administration AD service account. I'm a little stuck at what's wrong. I notice that there doesn't seem to be an agent entry in services either.

Event Log Entry.

Service cannot be started. System.Security.SecurityException: The source was not found, but some or all event logs could not be searched. Inaccessible logs: Security.

at System.Diagnostics.EventLog.FindSourceRegistration(String source, String machineName, Boolean readOnly, Boolean wantToCreate)

at System.Diagnostics.EventLog.SourceExists(String source, String machineName, Boolean wantToCreate)

at System.Diagnostics.EventLog.SourceExists(String source)

at Continua.Shared.Logging.WindowsEventLogLogger.RegisterEventSource(String sourceName)

at Continua.Shared.Extensions.IEnumerableExtensions.Each[T](IEnumerable`1 items, Action`1 action)

at Continua.ApplicationSetup.SetUpLoggers()

at Continua.ServerApplicationSetup.Create()

at Continua.Service.Common.ApplicationServiceBase.OnStart(String[] args)

at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

The Zone of the assembly that failed was:

MyComputer

If I look at Contrinua.Server.Service.exe.config I find the following line for logging.

I think there might be a permissions issue, with the account I have not allowing files written to the root of C:\ drive.

Hi Jamie

It looks like perhaps a user needs admin rights to create an Eventlog Source, which is what happens during startio on the service. I’ll look at moving this to the installer (which does have admin rights when run).

Actually we do create the evenlog source during the install of the service, which is run with admin rights. The issue is checking if the evenlog source exists when the service starts.

Can you try changing service to run under local system, then try start it, if it starts, stop it and change back to your user and see if it starts ok. In the mean time I’ll look into what we need to do for this.

Vincent,

Ok, I did the swap for the service to "Local System" and got things to the next stage.

At this point my SQL Server integrated security configuration failed. (got a nice message on Continua web site and in SQL Server Logs).

Hi Jamie

Next build should hopefully fix this, the problem is we are checking ifthe eventsource is registered on startup, but aparently with server 2008 and higher you need admin rights to do that. The eventsource should be getting registered when the service is installed, so there should be no need to registered it again or check if it’s registered (seems a bit silly for windows to lock this down so much).

Ouch… not sure what is going on there. I think we’ll set up a 2012 server the same as yours on monday… there’s something strange going on with permissions. That stack trace makes no sense… will check with the guys on monday and see if anyone knows what is going on there.

There will be another build available later tonight or over the weekend.

Cheers,
Will check this out. I’ve got a series of VM running each of the different parts of the Continua software, so it will be interesting to see how this all pans out. My DNN seems to work ok with the architecture, but it’s a different security model.
I wanted to test distributed agents, as I’m not going to be installing much on the IIS server VM, while some of my Dev VM’s will be “agents” and I’m not sure where I’m going to have all the FB7 components at this stage.
I figure you guys have gone to town with async messaging, so I’m hoping that some of it’s durable as well, because my VM are up and down all day as I test different configurations.

Hi Jamie

Agents on other machines are fine (and that’s the intention with agents), but the web interface and the Continua Server service must be on the same machine. We initially envisaged that they could be on separate machines, but there were so many security and performance issues that we gave up on that idea. As for remote agents, one of the remote agents assigned to my dev copy of continua is in Dallas, Tx. Works fine… just a little slow thanks to our crappy internet speed. On the todo list is spinning up EC2 instances based on demand.

I found an interesting article around this issue on stack exchange. http://stackoverflow.com/questions/1274018/system-security-securityexception-when-writing-to-event-log
I’m worried that I haven’t catered for this in my production apps now. .