Windows device status: Access denied - Online help | EventLog Analyzer

Windows device status: Access denied

The Access denied error indicates that the user account dedicated for log collection does not have the necessary access and permissions to collect logs from the respective devices.
There are two approaches to fixing the error:
  1. Using a domain admin account
  2. Using a service account with the necessary privileges
  1. Using a domain admin account:
    1. Go to the Settings tab > Configuration > Manage Devices > Windows Devices. Click Update next to the listed device. Enable the Use domain credentials check box, then select Update.
    2. Go to the Settings > Admin Settings > Domains and Workgroups. Click Update next to the Domain Name. Enter the domain admin credentials, then select Update.
  2. Using a service account with the necessary privileges:
    1. Go to Settings > Configuration > Manage Devices > Windows Devices. Click Update next to the listed device. Enable the Use domain credentials check box, then select Update.
    2. Refer to this guide for step-by-step instructions on configuring a service account.
    3. You will need the following permissions and privileges to use a service account:
      1. User groups:
        1. Event Log Readers
        2. Distributed COM Users
      2. User rights to be granted:
        1. Act as part of the operating system
        2. Log on as a batch job
        3. Log on as a service
        4. Replace a process level token
        5. Manage Auditing and Security Log Properties
      3. User permissions to be granted:
        1. Enable Account
        2. Remote Enable
        3. Read Security
  1. Once you have the necessary privileges, go to Settings > Admin Settings > Domains and Workgroups. Click the update icon in the Actions column. Enter the service account credentials, then select Update.

                New to ADManager Plus?

                  New to ADSelfService Plus?

                    • Related Articles

                    • Windows device status: RPC server is unavailable

                      The RPC server is unavailable error will be displayed in the device status field if there isn’t any communication between the EventLog Analyzer server and the respective machine from which the logs should be collected. This lack of communication ...
                    • Does the given credentials of a Windows device have permission for log collection?

                      Case 1: The account is a local administrator or a domain administrator. The credentials will, by default, have the required permissions. Case 2: The account is a non-admin domain user. Provide the non-admin domain user with the required permissions. ...
                    • Windows: File Integrity Monitoring (FIM) issues

                      Prerequisites: An agent needs to be deployed on the respective machine. Open the EventLog Analyzer GUI. Go to the Settings tab > Configuration > Manage File Integrity Monitoring. Configure the folders in the machine that should be monitored. Verify ...
                    • What to do if the IIS Site status shows "Failed"?

                      Troubleshooting: Open the server out log file and search for the exception following the line "New Import File Arrived". a. Exception: "File not found" Probable cause(s) and troubleshooting step(s): Log file was not created for the particular day. ...
                    • Windows agent service is not running

                      Establish a remote connection with the machine running the agent. Open services.msc and check if the ManageEngine EventLog Analyzer agent service is running. Open a web browser and ensure that the EventLog Analyzer web console is accessible. Open the ...