R41D3NN · March 30, 2017 16:58
diff --git a/ApplyWindowsEventLogPermissions.ps1 b/ApplyWindowsEventLogPermissions.ps1
 $username = "IIS APPPOOL\Identity"

 Function Set-PermissionsForEventLogSecurity($username)
 {
    $registryKeyPath = "HKLM:\SYSTEM\CurrentControlSet\Services\EventLog\Security"
    $acl = Get-Acl $registryKeyPath
    $inherit = [System.Security.AccessControl.InheritanceFlags]"ContainerInherit, ObjectInherit"
    $propagation = [System.Security.AccessControl.PropagationFlags]"None"
    $registryRights = [System.Security.AccessControl.RegistryRights]"QueryValue",
        [System.Security.AccessControl.RegistryRights]"EnumerateSubKeys",
        [System.Security.AccessControl.RegistryRights]"Notify",
        [System.Security.AccessControl.RegistryRights]"ReadPermissions"
    $registryAccessRule = New-Object System.Security.AccessControl.RegistryAccessRule($username, $registryRights, $inherit, $propagation, "Allow")
    $acl.AddAccessRule($registryAccessRule)
    $acl | Set-Acl -Path $registryKeyPath
 }

 Function Set-PermissionsForEventLog($username)
 {
    $registryKeyPath = "HKLM:\SYSTEM\CurrentControlSet\Services\EventLog"
    $acl = Get-Acl $registryKeyPath
    $inherit = [System.Security.AccessControl.InheritanceFlags]"ContainerInherit, ObjectInherit"
    $propagation = [System.Security.AccessControl.PropagationFlags]"None"
    $registryRights = [System.Security.AccessControl.RegistryRights]"QueryValue",
        [System.Security.AccessControl.RegistryRights]"EnumerateSubKeys",
        [System.Security.AccessControl.RegistryRights]"Notify",
        [System.Security.AccessControl.RegistryRights]"ReadPermissions",
        [System.Security.AccessControl.RegistryRights]"SetValue",
        [System.Security.AccessControl.RegistryRights]"CreateSubKey"
    $registryAccessRule = New-Object System.Security.AccessControl.RegistryAccessRule($username, $registryRights, $inherit, $propagation, "Allow")
    $acl.AddAccessRule($registryAccessRule)
    $acl | Set-Acl -Path $registryKeyPath
 }

 Set-PermissionsForEventLog($username)
 Set-PermissionsForEventLogSecurity($username)5
	$username = "IIS APPPOOL\Identity"

	Function Set-PermissionsForEventLogSecurity($username)
	{
	$registryKeyPath = "HKLM:\SYSTEM\CurrentControlSet\Services\EventLog\Security"
	$acl = Get-Acl $registryKeyPath
	$inherit = [System.Security.AccessControl.InheritanceFlags]"ContainerInherit, ObjectInherit"
	$propagation = [System.Security.AccessControl.PropagationFlags]"None"
	$registryRights = [System.Security.AccessControl.RegistryRights]"QueryValue",
	[System.Security.AccessControl.RegistryRights]"EnumerateSubKeys",
	[System.Security.AccessControl.RegistryRights]"Notify",
	[System.Security.AccessControl.RegistryRights]"ReadPermissions"
	$registryAccessRule = New-Object System.Security.AccessControl.RegistryAccessRule($username, $registryRights, $inherit, $propagation, "Allow")
	$acl.AddAccessRule($registryAccessRule)
	$acl \| Set-Acl -Path $registryKeyPath
	}

	Function Set-PermissionsForEventLog($username)
	{
	$registryKeyPath = "HKLM:\SYSTEM\CurrentControlSet\Services\EventLog"
	$acl = Get-Acl $registryKeyPath
	$inherit = [System.Security.AccessControl.InheritanceFlags]"ContainerInherit, ObjectInherit"
	$propagation = [System.Security.AccessControl.PropagationFlags]"None"
	$registryRights = [System.Security.AccessControl.RegistryRights]"QueryValue",
	[System.Security.AccessControl.RegistryRights]"EnumerateSubKeys",
	[System.Security.AccessControl.RegistryRights]"Notify",
	[System.Security.AccessControl.RegistryRights]"ReadPermissions",
	[System.Security.AccessControl.RegistryRights]"SetValue",
	[System.Security.AccessControl.RegistryRights]"CreateSubKey"
	$registryAccessRule = New-Object System.Security.AccessControl.RegistryAccessRule($username, $registryRights, $inherit, $propagation, "Allow")
	$acl.AddAccessRule($registryAccessRule)
	$acl \| Set-Acl -Path $registryKeyPath
	}

	Set-PermissionsForEventLog($username)
	Set-PermissionsForEventLogSecurity($username)5
No results found