Event ID - 507

Event Id507
SourceMicrosoft-Windows-TerminalServices-Gateway
DescriptionLogging could not be disabled for the following TS Gateway event: "%1". The following error occurred: "%2". To resolve this issue, ensure that the correct permissions have been granted to the LogEvents registry key and that the Remote Registry service is started.
Event InformationAccording to Microsoft :
Cause :
This event is logged when logging could not be disabled for TS Gateway event.
Resolution :
Ensure that the required permissions are granted to the LogEvents registry key and that the Remote Registry service started
To resolve this issue, ensure that the correct permissions are granted to the LogEvents registry key. If this does not resolve the problem, ensure that the Remote Registry service is started.
To perform these procedures, you must have membership in the local Administrators group, or you must have been delegated the appropriate authority.
Grant the required permissions to the LogEvents registry key
Caution : Incorrectly editing the registry might severely damage your system. Before making changes to the registry, you should back up any valued data.
To grant the required permissions to the LogEvents registry key:
  1. On the TS Gateway server, click Start, click Run, type regedit, and then press ENTER.
  2. Navigate to the HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\TerminalServerGateway\Config\Core\LogEvents subkey, right-click the subkey, and then click Permissions.
  3. In the Permissions for LogEvents dialog box, under Group or user names, click SYSTEM. Under Permissions for SYSTEM, if Full control is not allowed, select the Allow check box adjacent to Full control.
  4. In the same dialog box, under Group or user names, click Administrators. Under Permissions for Administrators, if Full control is not allowed, select the Allow check box adjacent to Full control.
  5. Click OK.
If the problem persists, determine whether the Remote Registry service is started, and if it is not, start it.
Determine whether the Remote Registry service is started
  • If you enable or disable a service and you encounter a problem starting the computer, you might be able to start the computer in Safe Mode. Then you can change the service configuration or restore the default configuration.
  • If you stop, start, or restart a service, any dependent services are also affected.
To determine whether the Remote Registry Service is started:
  1. Click Start, point to Administrative Tools, and then click Services.
  2. In the Services snap-in, find Remote Registry, and then confirm that Started appears in the Status column.
  3. If the status is not Started, right-click Remote Registry, and then click Start.
  4. If the attempt to start only the service fails, restart the computer. This forces all related and dependent services to restart.
  5. If you want the service to always start automatically after the server is restarted, right-click Remote Registry, click Properties, and in Startup type, select Automatic.
Verify :
To verify that the TS Gateway server is available for client connections, examine Event Viewer logs and search for the following event messages. These event messages indicate that the Terminal Services Gateway service is running, and that clients are successfully connecting to internal network resources through the TS Gateway server.
To perform this procedure, you do not need to have membership in the local Administrators group. Therefore, as a security best practice, consider performing this task as a user without administrative credentials.
To verify that the TS Gateway server is available for client connections:
  1. On the TS Gateway server, click Start, point to Administrative Tools, and then click Event Viewer.
  2. In the Event Viewer console tree, navigate to Application and Services Logs\Microsoft\Windows\TerminalServices-Gateway, and then search for the following events:
    • Event ID 101, Source TerminalServices-Gateway: This event indicates that the Terminal Services Gateway service is running.
    • Event ID 200, Source TerminalServices-Gateway: This event indicates that the client connected to the TS Gateway server.
    • Event ID 302, Source TerminalServices-Gateway: This event indicates that the client connected to an internal network resource through the TS Gateway server.
Reference LinksEvent ID 507 from Source Microsoft-Windows-TerminalServices-Gateway

Catch threats immediately

We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.

See what we caught

Did this information help you to resolve the problem?

Yes: My problem was resolved.
No: The information was not helpful / Partially helpful.
 Refresh