Windows device status: Access denied
The Access denied error indicates that the user account dedicated for log collection does not have the necessary access and permissions to collect logs from the respective devices.
There are two approaches to fixing the error:
- Using a domain admin account
- Using a service account with the necessary privileges
- Using a domain admin account:
- Go to the Settings tab > Configuration > Manage Devices > Windows Devices. Click Update next to the listed device. Enable the Use domain credentials check box, then select Update.
- Go to the Settings > Admin Settings > Domains and Workgroups. Click Update next to the Domain Name. Enter the domain admin credentials, then select Update.
- Using a service account with the necessary privileges:
- Go to Settings > Configuration > Manage Devices > Windows Devices. Click Update next to the listed device. Enable the Use domain credentials check box, then select Update.
- Refer to this guide for step-by-step instructions on configuring a service account.
- You will need the following permissions and privileges to use a service account:
- User groups:
- Event Log Readers
- Distributed COM Users
- User rights to be granted:
- Act as part of the operating system
- Log on as a batch job
- Log on as a service
- Replace a process level token
- Manage Auditing and Security Log Properties
- User permissions to be granted:
- Enable Account
- Remote Enable
- Read Security
- Once you have the necessary privileges, go to Settings > Admin Settings > Domains and Workgroups. Click the update icon in the Actions column. Enter the service account credentials, then select Update.
New to ADSelfService Plus?
Related Articles
Windows device status: RPC server is unavailable
The RPC server is unavailable error will be displayed in the device status field if there isn’t any communication between the EventLog Analyzer server and the respective machine from which the logs should be collected. This lack of communication ...Network device status shows 'Device not Reachable'
Issue description A network device in EventLog Analyzer will display the status "Device not Reachable" if the last message received by the EventLog Analyzer server from the device is greater than 24 hours. This message will display in the log sources ...How to use a Device Group in EventLog Analyzer to update credentials for Windows devices
Objective This article offers detailed information on how to use a Device Group in EventLog Analyzer to update credentials for Windows log sources. Prerequisites You'll need administrator access to EventLog Analyzer. Steps to follow Step 1: Log in to ...No data or logs collected from syslog device
Issue description During the initial setup or while using EventLog Analyzer, you might notice that logs are not being collected from a syslog device or that syslog device reports do not show any recent data. EventLog Analyzer uses device status ...How to migrate EventLog Analyzer standalone edition to different server or drive [Windows to Windows]
Objective This article provides a detailed step-by-step guide to migrate EventLog Analyzer Standalone instance (not integrated with Log360) to a new server or different server or drive. Prerequisites Refer to the System Requirement to plan the new ...