When running an application pool in IIS under a different user than the default, for an application that requires write access to the Event Log (for example, when trying to create a new event source in your application), it is necessary to grant that user sufficient access to the event log in the registry. Otherwise, you would receive the following error:
System.Security.SecurityException: Requested registry access is not allowed.
However, using Windows 2003 Server, I found that granting ‘read’ access to the event log wasn’t enough; the full set of permissions I ended up need to grant to the app pool user on the
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog key in the registry is as follows:
I hope that this helps someone.