I found this post
And tried what was mentioned there but I feel like there's a difference between Server 2008 and 2012 because I can't get this to work at all...
I created the Event Source using PowerShell... So the source exists; I can see it in Event Viewer and inside the registry
I've tried what's suggested here in this KB and nothing I do seems to have any effect
http://support.microsoft.com/kb/2028427/en-us
Here's a list of well-known SIDs that I just randomly tried a bunch of and still there is no effect and I keep getting the same exception
InvalidOperationException : Cannot open log for source 'XXXXXXXX.Services COM Library"'. You may not have write access.
http://support.microsoft.com/kb/243330/en-us
Here's my code for writing to the source
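using System.Diagnostics;

// sEvent (message text) and entryType (EventLogEntryType) are supplied by the caller
string sLog = "Application";
string sSource = "XXXXXXXX.Services COM Library";
var eventLog = new EventLog(sLog);
eventLog.Source = sSource;
eventLog.WriteEntry(sEvent, entryType);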
I issued the following command against both "system" and "application" to get the value for CustomSD
wevtutil gl system > C:\temp\out.txt
I've tried both of those as the root for the CustomSD value and then I tried appending a few different variations to it to make it work
I tried appending the world (A;;0x3;;;S-1-1-0) and that didn't work
And then also the SIDs that were indicated for IUSR in that list of common SIDs (http://msdn.microsoft.com/en-us/library/cc980032.aspx)...
This is coming from a COM library that's been registered with REGASM... I was able to give the COM library access to a directory to write files by giving it IUSR permissions but I can't get it to write to an event source to save my life...
Besides just continuing down the path of trying different other random ACL combinations I'm sort of at a loss of what to try next...
Also if anyone has any suggestions of a better way to debug this or (for example) see the security exception somewhere coming from the ASP.NET application that would also be helpful... Changing that REGKEY, rebooting, and then trying to write to the event source all just seem very arbitrary so it'd be nice to have something with more substance I can look at for debugging this... I used Process Monitor to watch w3wp.exe reach out to the registry and it's reading the KEY that's relevant to the source I'm writing to
HKLM\System\CurrentControlSet\Services\EventLog\Application\XXXXXXXX.Services COM Library
But it's not reading from the CustomSD key so I'm not sure if that's an indicator of anything...
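Added example (not part of the original post): a PowerShell decoder for a log security descriptor string of the kind the post edits, listing the trustee each ACE names and which event log rights its mask carries, so an ACE such as (A;;0x3;;;S-1-1-0) can be read instead of guessed at. The SDDL string is a constructed sample and `Get-EventLogAce` is a hypothetical helper name; the values 0x1, 0x2 and 0x4 are the event log read, write and clear access bits.

```powershell
# Event log access rights carried in the low bits of each ACE mask.
$rights = [ordered]@{ Read = 0x1; Write = 0x2; Clear = 0x4 }

# Constructed sample descriptor (not taken from the post's server), ending
# with the ACE the post appended for Everyone: (A;;0x3;;;S-1-1-0).
$sddl = 'O:BAG:SYD:(D;;0xf0007;;;AN)(A;;0x7;;;BA)(A;;0x3;;;IU)(A;;0x3;;;S-1-1-0)'

function Get-EventLogAce {
    param([Parameter(Mandatory = $true)][string]$Sddl)

    # Parse the SDDL text into a security descriptor and walk its DACL.
    $sd = New-Object System.Security.AccessControl.RawSecurityDescriptor($Sddl)
    foreach ($ace in $sd.DiscretionaryAcl) {
        $sid = $ace.SecurityIdentifier

        # Resolve the SID to an account name where possible; otherwise keep the SID.
        try   { $name = $sid.Translate([System.Security.Principal.NTAccount]).Value }
        catch { $name = $sid.Value }

        # Keep the names of the event log rights whose bit is set in the mask.
        $granted = $rights.Keys | Where-Object { $ace.AccessMask -band $rights[$_] }

        [pscustomobject]@{
            Type    = $ace.AceQualifier              # AccessAllowed or AccessDenied
            Trustee = $name
            Sid     = $sid.Value
            Mask    = '0x{0:x}' -f $ace.AccessMask
            Rights  = $granted -join ','
        }
    }
}

# One row per ACE; the last row shows Everyone (S-1-1-0) with Read,Write.
Get-EventLogAce -Sddl $sddl | Format-Table -AutoSize
```

To decode a live log instead of the sample, pass the `channelAccess` value printed by `wevtutil gl Application` as `-Sddl`.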