WARNING -Provider resources not accessible running wevtutil

Question

I need help solving the \"Provider \'\' resources not accessible when trying to create a windows event provider. I create my manifest file with the ManGen utility, and name

Answer 1

When you install your manifest (e.g. wevtutil im manifest.man), you should see some sort of a warning if the resources aren't available:

**** Warning: Publisher EventsProvider resources are not accessible.

To get some additional information, try to retrieve information on one of the publishers. For example:

c:\...> wevtutil gp <EventProviderName>
Failed to open metadata for publisher <EventProviderName>. Access denied.

Ok, the above suggests a permissions problem, so let me make the path accessible and try again:

c:\...> wevtutil gp <EventProviderName>
Failed to open metadata for publisher <EventProviderName>. The specified resource
type cannot be found in the image file.

For the above, it looks like the resource didn't get compiled in correctly.

If you go File->Open with VS and open your exe in the resource viewer you should be able to see the resources that were compiled in. You should at least have a "WEVT_TEMPLATE" entry.

For the resource to be compiled in correctly, csc needs to be passed the resource as follows:

csc /win32res:<Resource.res>

Answer 2

I had the exact same error but the solution was slightly different to the other answers that have already been posted. I had to open the manifest file and change the resourceFileName and messageFileName attributes to use absolute paths to the application executable.

Answer 3

I experienced the similar problem. The solution is to

• use absolute paths wherever possible and stay away from relative paths
• make sure everyone has read access to manifest files

If your manifest files are called manifest.man and manifest.dll, then

• grant read access to everyone

  icacls %~dp0\manifest.* /t /grant Everyone:R

• use absolute paths to install (%~dp0 variable could be used if you are using a batch file)

  wevtutil im %~dp0\manifest.man /rf:"%~dp0\manifest.dll" /mf:"%~dp0\manifest.dll"

Answer 4

The dll you are registering needs to have a particular set of file permissions. I suspect that the event logging service runs under the "local service" account. So just giving SYSTEM access rights is not enough. I solved by problem by giving the "USERS" group on my PC "read & execute" priviledges.

I ran into a nasty problem that took a day to track down. I shared my project working folder and then unshared it. For some reason this removed the "USERS" access priviledges. I think this is the reason than the event tracing samples in the windows SDK copy all the dlls to a special folder under the C drive and install the provider from there. When you create folders under C drive the USERS group is given access automatically.