wine users - Apr 2011 - API-MS-Win-Security-Base-L1-1-0.dll Failed To Initialize

Trying to run code I compiled on windows:

> 
> debian-test:~# /usr/local/bin/wine EventLogViewer.exe
> Application tried to create a window, but no driver could be loaded.
> Make sure that your X server is running and that $DISPLAY is set correctly.
> err:systray:initialize_systray Could not create tray window
> err:module:attach_process_dlls
"API-MS-Win-Security-Base-L1-1-0.dll" failed to initialize, aborting
> err:module:LdrInitializeThunk Main exe initialization for
L"Z:\\EventLog\\EventLogViewer.exe" failed, status c0000142
> 

Running it from putty, it's a console application... should work, right?

Copied API-MS-Win-Security-Base_l1-1-0.dll, getting this very vague error about
that library.



I'd of course just compile and run as a native Linux application but I need
these two files:

#include <winevt.h>

wevtapi.lib

For pulling logs over Windows RPC... neither which are available on Linux.

Not going to work any time soon.  Wine does not have a event log so its not
viewable.

So yes API-MS-Win-Security-Base will not run.  Wine is not a emulator and its
called that for a reason.

So far wine has had no real world reason to create a eventlog.   Wine errors
with more details to out to console.  In fact if anything does try to write to
eventlog it is just printed out on console.

Other than eventlog checking programs no real world application has been found
checking the evenlog.    Need to implement basically zero because console will
provide better details over the issues.

Now for remote snooping on windows event logs.  You don't need wine.  WMI is
just ms form of WBEM.  WBEM is kinda a unified standard and with it you can
probe windows machines eventlogs or Linux systems syslogs or what ever format
logs the OS that supports WBEM has.

http://docs.huihoo.com/zenoss/admin-guide/2.4.2/ch06s06.html

Yes the reach out get windows eventlogs from Linux is general operations for
many cross platform monitoring software suits.

StrangeWill
> For pulling logs over Windows RPC... neither which are available on Linux.

Basically I don't know where you got this from thinking I have software
doing this every 1 min or so from windows boxes being managed.   Even better
using zenoss I can set up auto responses to eventlog events.

Hi!
> Trying to run code I compiled on windows:
> 
> 
> > 
> > debian-test:~# /usr/local/bin/wine EventLogViewer.exe
> > Application tried to create a window, but no driver could be loaded.
> > Make sure that your X server is running and that $DISPLAY is set
correctly.
> > err:systray:initialize_systray Could not create tray window
> > err:module:attach_process_dlls
"API-MS-Win-Security-Base-L1-1-0.dll" failed to initialize, aborting
> > err:module:LdrInitializeThunk Main exe initialization for
L"Z:\\EventLog\\EventLogViewer.exe" failed, status c0000142
> > 
> 
> 
> Running it from putty, it's a console application... should work,
right?
Do you see the line saying "Application tried to create a window" ?
So, it's not a console application, when it tried to create a window. It
cannot
be run on a system without proper X server setup (of course it can be remote,
but the app requires it). Another line saying "Could not create tray
window"
just seconds, what has been said.
> 
> Copied API-MS-Win-Security-Base_l1-1-0.dll, getting this very vague error
about that library.
> 
> 
> 
> I'd of course just compile and run as a native Linux application but I
need these two files:
> 
> #include <winevt.h>
> 
> wevtapi.lib
> 
> For pulling logs over Windows RPC... neither which are available on Linux.
> 
Another point, already answered by oiaohm, is, that you probably don't need
event log viewer on Linux using wine.
> 
> 
> 
With regards, Pavel

oiaohm wrote:
> Not going to work any time soon.  Wine does not have a event log so its not
viewable.
> 
> So yes API-MS-Win-Security-Base will not run.  Wine is not a emulator and
its called that for a reason.
> 
> So far wine has had no real world reason to create a eventlog.   Wine
errors with more details to out to console.  In fact if anything does try to
write to eventlog it is just printed out on console.
> 
> Other than eventlog checking programs no real world application has been
found checking the evenlog.    Need to implement basically zero because console
will provide better details over the issues.
Yeah, I can see that pretty much the only use for this is querying event logs.


oiaohm wrote:
> 
> Now for remote snooping on windows event logs.  You don't need wine. 
WMI is just ms form of WBEM.  WBEM is kinda a unified standard and with it you
can probe windows machines eventlogs or Linux systems syslogs or what ever
format logs the OS that supports WBEM has.
> 
> http://docs.huihoo.com/zenoss/admin-guide/2.4.2/ch06s06.html
> 
> Yes the reach out get windows eventlogs from Linux is general operations
for many cross platform monitoring software suits.
> 
> StrangeWill
> 
> > For pulling logs over Windows RPC... neither which are available on
Linux.
> 
> 
> Basically I don't know where you got this from thinking I have software
doing this every 1 min or so from windows boxes being managed.   Even better
using zenoss I can set up auto responses to eventlog events.

WMI is a bit too slow for what we need to do, we're doing full auditing on
our servers, which when major changes are made to the file system will produces
thousands of logs a second (WMI will take minutes to catch up), and the DCOM
overhead puts a bit of CPU load on the servers. I wanted to move away from WMI
because of that.

As far as I understand it, Windows RPC is not DCOM WMI, unless there is a way to
make WMI requests over a non-DCOM interface.