Event ID/Source search
Keyword search
Example: Windows cannot unload your registry file
EventID.Net Splunk Add-on
Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to www.eventid.net. The EventId.Net for Splunk Add-on assumes that Splunk is collecting information from Windows servers and workstation via the Splunk Universal Forwarder.
read more...
Event ID: 10001 Source: DCOM
| Source: DCOM |
| Maintenance: Recommended maintenance tasks for Windows servers |
| Type: Error |
| Description: Unable to start a Dcom Server: computer name as <account>. The error: "<error>" Happened while starting this command: <command> |
| English: Request a translation of the event description in plain English. |
| Concepts to understand: What is DCOM? |
| Comments: Peter Hayden - Error: "The system could not find the environment option that was entered" - This happened when a corrupt profile was copied to the location of the roaming profile of another user and that user was then logged on. Logon as an Administrator, delete local copy of the profile, and configure the roaming profile correctly.  x
15
EventID.Net This event can occur if there is not enough memory available or if an error occurred with another file that the COM infrastructure depends on. See MSW2KDB for additional information about this event. x
16
EventID.Net - Account: IWAM_Account, error: "Access is denied", command: "C:\WINNT\system32\dllhost.exe /Processid:{ }" - From a newsgroup post: "Please first test to run this site in IIS process to see if it is able to work, this launches the site under System account but not IWAM: In IIS MMC, right-click the Default Web Site->SUSAdmin vdir and open its properties. In the Virtual Directory dialog set Application Protection to Low (IIS Process). Run iisreset command in Start->Run to restart IIS. Then please test the SUS site again and if it still fails, check event log to see if there is any new error log. If you hope to deeply troubleshoot the IWAM error, please change the setting back and download Filemon from Sysinternals. Include only “dllhost.exe” in filemon's toolbar->filter. Then browse to the SUS site to reproduce the error and check if this generates any access denied events in filemon. It is also possible that the permission is denied in registry, you may perform test with regmon in the same way. Furthermore, in Administrative Tools->Local Security Policy->Local Policies->User Rights Assignment, check if IWAM account has been granted with the “Bypass traverse checking” right. By default, the local Everyone group has this permission". x
16
EventID.Net As per Microsoft: Explanation: The server may not be configured properly. User Action: Check that the server is configured properly. Also, check that the user Id and password are correct and that the application is installed correctly. x
13
|
| Private comment: Subscribers only. See example of private comment |
| Links: www.microsoft.com/WINDOWS2000/en/messages/3553.htm, Sysinternals Filemon, Sysinternals Regmon, MSW2KDB |
| Search: Google - Bing - Microsoft - Yahoo - EventID.Net Queue (0) - More links... |
| Feedback:
Send comments or solutions
- Notify me when updated
|
| Printer friendly |
Subscribe to EventID.Net now!