Requested registry access is not allowed

Having a custom developed Web Service hosted on Windows 2008 Server, after some fine tuning on the system, the service started to respond with a SOAP fault stating “Requested registry access is not allowed”.

The origin of the error was the attempt the service made to write on the Event Log.

One of the changes we had made to the application was the application pool identity. It was running on Classic mode with a given domain account and we re-configured it to run on integrated mode with the application pool identity.

To grant rights to a given user account for writing on the Event Log, you should perform the steps to edit the registry described here:

  1. Find key “HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog”
  2. Right-click and choose “Permissions”.
  3. Put in the desired account

The catch is that the application pool is running with the Application Pool Identity Account. This is a Windows user account called “IIS APPPOOL\AppPoolName”, which is created when the Application Pool is created, where AppPoolName is the name of the Application Pool.

On the permission dialog, search the local host for the “IIS APPPOOL\AppPoolName” replacing “AppPoolName” for your custom given name.

After that, the Web service worked fine.

Advertisements

One thought on “Requested registry access is not allowed

  1. Thank you Partilhar isto,

    This is help me very much, but I don’t find the user “IIS APPPoll\MyPoolName” in the list, so I use IIS_IUSR instead, and it’s work like a charm.

    Regards,
    Rudion

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s