Event ID/Source search
Keyword search
Example: Windows cannot unload your registry file
Event ID: 10016 Source: DCOM
| Source: DCOM |
| Maintenance: Recommended maintenance tasks for Windows servers |
| Type: Error |
| Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {<CLSID>} to the user <user> SID (<SID>). This security permission can be modified using the Component Services administrative tool. |
| English: This information is only available to subscribers. An example of English, please! |
| Concepts to understand: What is COM? What is DCOM? How does a COM server register with DCOM? |
| Our approach: This information is only available to subscribers. An example of Our approach |
| Comments: TomL In my case it was SBS2011 (W2008R2 with Sharepoint) and CLSID {000C101C-0000-0000-C000-000000000046} and APPID {000C101C-0000-0000-C000-000000000046} to the user domain\spfarm SID (S-1-5-21-527237240-1965331169-839522115-4665) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool. Since the permissions in the component services are resticted you have to set these first by changing the owner and permissions on the registrykey HKey_Classes_Root\Api\{000C101C-0000-0000-C000-000000000046}.  x
23
EventID.Net T751272 contains information on how to troubleshoot DCOM-related issued (settings, security, setup, tools). x
11
EventID.Net For CLSID {61738644-F196-11D0-9953-00C04FD919C1}, if this occurs after the installation of Windows SBS 2011 according to ME2483007, this type of errors are benign and may be safely ignored. x
16
EventID.Net According to TB643195, if the user name referenced in the event is the "NETWORK SERVICE" account then this occurs because this account does not have Activate permissions in DCOM. See the article for the steps to take to grant this type of access. x
79
EventID.Net CLSID BA126AD1-2166-11D1-B1D0-00805FC1270E - See EV100140. x
12
Why bother deciphering Event logs when GFI EventsManager can do everything for you? Free trial here! EventID.Net See ME920783 if you get this after you install Windows SharePoint Services 3.0. x
11
EventID.Net TB457148 (Security-Related Policy Settings) provides a good explanation of the two categories of security permission, Launch security permission and Access security permission. x
16
Anonymous CLSID: 24FF4FDC-1D9F-4195-8C79-0DA39248FF48 refers to B292921D-AF50-400c-9B75-0C57A7F29BA1 in the registry which is the CLSID of the NAP Service agent. When I tried to edit the permissions in Component Services, I found that all the options were greyed out. I checked the services console and discovered that the NAP service was not running. The out-of-box configuration for Windows Server 2008 the Network Access Protection Agent start-mode is apparently "manual"¯. Once I changed the start mode for that service and then started the service DCOM error was corrected, I have not seen an error since. x
54
Anonymous My issue was related to Kaspersky - see EV100096. x
17
Anonymous CLSID: {24FF4FDC-1D9F-4195-8C79-0DA39248FF48} - This may be caused by a Kaspersky Anti-Virus bug. See EV100094 - "Cannot access Microsoft NAP Agent: Event ID 10016". x
30
Anonymous I got this event on a Windows Small Business Server 2008 & SharePoint. The CLSID was {61738644-F196-11D0-9953-00C04FD919C1} and the user account NETWORK SERVICE. Changing the security settings for this user account in the Component services "IIS WAMREG admin Service" to allow Local Start and Local activate, fixed the problem for me. x
42
Gordon Pegue In my case, I received this error on a target machine when I attempted to run the Group Policy Results Wizard in the GPMC against the target machine from an admin machine within the same domain. The CLSID was {8BC3F05E-D86B-11D0-A075-00C04FB68820}, which is the WMI service. W2K3 SP2 DC and XP SP3 clients. Making sure that TCP port 135 was open on both the target and the admin machine as well as allowing the "Remote Admin Exception" for both profiles by means of a domain-based GPO solved the issue. For more info, refer to T782615. x
11
Anonymous In regards to this problem, I found the post on "Mike H. - Another Geek In Need" blog quite useful. See EV100033. x
13
Nick Whittome I had this issue similar with "Anonymous (Last update 10/30/2006)". However, in my case, I simply set the component security to "Default" and the problem was solved. x
14
Why bother deciphering Event logs when GFI EventsManager can do everything for you? Free trial here! Bronson Magnan To correct this error do the following: 1. Open Component Services, go to Computers -> My Computers -> DCOM Config. 2. Expand DCOM config until you get down to the CLSID, they appear after the named items. 3. Right click the CLSID, check the launch parameters; they will probably be set to custom and not containing any accounts. 4. Use the SID in the event log item, run it against PsGetSid, to get which account is needed. 5. Put that account in and configure the necessary requested launch permissions. PsGetSid is part of a growing kit of command-line tools that aid in the administration of local and remote Windows NT/2K systems named PsTools. See the link below for more details. x
56
Umair Jawed See the EV100033 link to "SharePoint 2007 Server Issues Revisited" for information on this problem. x
13
EventID.Net As per MSW2KDB, a program, the Clsid displayed in the message, tried to start the DCOM server by using the DCOM infrastructure. Based on the security ID (SID), this user does not have the necessary permissions to start the DCOM server. See ME899965 and EV100029 for additional information on fixing this problem. From a newsgroup post: "Windows XP SP2 and Windows 2003 SP2 introduced a machine-wide AccessCheck call that must succeed in addition to other specific access checks. You can modify the settings of this machine-wide AccessCheck by using Component Services. Right-click on My Computer -> Properties, and click on the COM Security tab. Also, have a look at the TB457156, document ("Changes to Functionality in Microsoft Windows XP Service Pack 2 - Network Protection Technologies"), in the section marked "DCOM Security Enhancements". This may be helpful to you". x
3
EventID.Net Windows XP Service Pack 2 changes some security settings to increase security for your system. One of these increased settings interacts with the way MCMS works in a way that it prevents a COM component from being activated. See the EV100032 link to "MCMS Complete FAQ" for a solution to this problem. The problem is caused by a mismatch of files that occurs when you install Microsoft Internet Information Services. This problem occurs if you install IIS from an installation point that is not running Windows Server 2003 SP1. See ME908181 for details on this issue. See ME817065, ME913119, ME913666, ME919090, ME919592, ME920720, ME922354, ME930461, ME931355 and ME937534 for additional information about this event. x
2
Jimbo In my case, I had the same CLSID as Linda. Here is the additional information she omitted that is needed to correct the problem: In Component Manager, under DCOM config, go to netman, browse to the Security Tab, edit the Launch and Activation Permissions and make the necessary changes. In this case, NETWORK SERVICE needs to be added with Local Launch and Local Activation permissions. x
4
Anonymous In my case, I received this event on a W2K3 server with SharePoint 3.0. The CLSID was {61738644-F196-11D0-9953-00C04FD919C1} and the user account WSS_ADMIN_WPG. Changing the security settings for this user account in the Component services "IIS WAMREG admin Service" to allow Remote Start and Remote Activate, fixed the problem for me. x
8
Anonymous In my case, I received this event on a W2K3 server with Citrix PS4. The CLSID was CLSID{49BD2028-1523-11D1-AD79-00C04FD8FDFF} = "Microsoft WBEM Unsecured Apartment" and the user account was Ctx_SmaUser. Changing the security settings for this user account in the Component services "Microsoft WBEM Unsecured Apartment" to allow Remote Start and Remote Activate, fixed it for me. x
6
Linda We had this problem after installing Win2k3 SP1. The information listed on EV100030 was exactly our problem but just ticking Remote Launch and Remote Activation did not fix the problem. Ticking Local Launch and Local Activation did fix the problem. x
4
Anonymous See ME895200 for a hotfix applicable to Microsoft Windows XP. x
2
Why bother deciphering Event logs when GFI EventsManager can do everything for you? Free trial here! Olexandr A. Bilyk ME555099 has information on this event. x
1
Paul Carter I received this event when attempting to access the Administration web page for Virtual Server 2005. This happened after changing the guest OS from Windows XP SP1 to Windows XP SP2. The increased security of SP2 had stopped me from accessing the admin page. ME891609 has detailed information on the issue but their suggested fix did not solve the issue. Setting to “Use Default” as mentioned by contributor PaulD did the trick. x
1
Pavel Dzemyantsau 1. Open the registry and go to "HKEY_CLASSES_ROOT\CLSID\{<CLSID in the event message>} to find out friendly name of this component. In my case, this is "Machine Debug Manager” (CLSID: 0C0A3666-30C9-11D0-8F20-00805F2CD064). 2. Go to Component Services via Start -> Control Panel -> Administrative Tools -> Components Services. Expand the Component Services branch then expand "Computers", "My Computer", and "DCOM Config". Right-click on "Machine Debug Manager" (or whatever your CLSID represents) and choose Properties. Click on the Security tab and under “Launch and Activation Permissions” select "Use Default". Click OK, close the Component Services window. The error should disappear now. x
50
|
| Private comment: Subscribers only. See example of private comment |
| Search: Google - Bing - Microsoft - Yahoo - EventID.Net Queue - More links... |
| Custom search for *****: Google - Bing - Microsoft - Yahoo |
| Feedback:
Send comments or solutions
- Notify me when updated
|
| Printer friendly |
Subscribe to EventID.Net now!