New
#111
Hi,
The link provided is valid for XP OS.
The event viewer error in W10 refers to Windows Insider service and afaik only needs local permissions set not the remote ones.
Cheers,
Hi,
The link provided is valid for XP OS.
The event viewer error in W10 refers to Windows Insider service and afaik only needs local permissions set not the remote ones.
Cheers,
Well, here's a doozy. This error 10016 came up again, but there is no item in DCOM Config that matches the CLSID or APPID. The registry keys exist, and I got "Done" after running the powershell script, but where's the DCOM item?
The error is this:
Log Name: System
Source: Microsoft-Windows-DistributedCOM
Date: 10/1/2016 5:24:31 PM
Event ID: 10016
Task Category: None
Level: Error
Keywords: Classic
User: SYSTEM
Computer: DESKTOP-3OLB09N
Description:
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
and APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-DistributedCOM" Guid="{1B562E86-B7AA-4131-BADC-B6F3A001407E}" EventSourceName="DCOM" />
<EventID Qualifiers="0">10016</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x8080000000000000</Keywords>
<TimeCreated SystemTime="2016-10-01T21:24:31.568345300Z" />
<EventRecordID>1460</EventRecordID>
<Correlation />
<Execution ProcessID="916" ThreadID="948" />
<Channel>System</Channel>
<Computer>DESKTOP-3OLB09N</Computer>
<Security UserID="S-1-5-18" />
</System>
<EventData>
<Data Name="param1">application-specific</Data>
<Data Name="param2">Local</Data>
<Data Name="param3">Activation</Data>
<Data Name="param4">{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}</Data>
<Data Name="param5">{F72671A9-012C-4725-9D2F-2A4D32D65169}</Data>
<Data Name="param6">NT AUTHORITY</Data>
<Data Name="param7">SYSTEM</Data>
<Data Name="param8">S-1-5-18</Data>
<Data Name="param9">LocalHost (Using LRPC)</Data>
<Data Name="param10">Unavailable</Data>
<Data Name="param11">Unavailable</Data>
</EventData>
</Event>
The problem is that CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} points to "CDP Activity Store", and there is no "CDP Activity Store" in DCOM Config.
What to do?
Thanks.
Hi,
The quoted hive key is the DCOM item you'll find in DCOMCNFG :The problem is that CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} points to "CDP Activity Store", and there is no "CDP Activity Store" in DCOM Config.
You'll need to add the SYSTEM account.F72671A9-012C-4725-9D2F-2A4D32D65169
You can configure it just like any other DCOM object once you've granted the Administrators group rights to do so through Regedit.exe.
Keep in mind that the first hive key needs to be reset to SYSTEM, the second to Trusted Installer.
Sorry for keeping it short, I have a broken wrist so typing isn't easy to do.
Best,
fdegrove - sorry to hear about the wrist! Please use any other available appendage and don't worry about spelling or punctuation!
FIRST - I found the APPID number at the bottom of the DCOMs just as you said. But when I tried to Add "NT AUTHORITY\SYSTEM SID (S-1-5-18)", it failed. (See screenshot below, which might be too small.)
So instead I added "SYSTEM" and gave it both Local Launch and Local Activation. Is that it? Or should I have Added something else?
SECOND - I don't know what you mean by "Keep in mind that the first hive key needs to be reset to SYSTEM, the second to Trusted Installer." Doesn't the powershell script take care of that? If not, what should I do?
Pound away, old man! Many thanks.
Hi,
Thx for the heads up.
This : AUTHORITY\SYSTEM equals this: SYSTEM so you're good on that one.FIRST - I found the APPID number at the bottom of the DCOMs just as you said. But when I tried to Add "NT AUTHORITY\SYSTEM SID (S-1-5-18)", it failed. (See screenshot below, which might be too small.)
So instead I added "SYSTEM" and gave it both Local Launch and Local Activation. Is that it? Or should I have Added something else?
When you're done editing DCOM you need to check the corresponding hive keys for correct ownership running regedit.exe.SECOND - I don't know what you mean by "Keep in mind that the first hive key needs to be reset to SYSTEM, the second to Trusted Installer." Doesn't the powershell script take care of that? If not, what should I do?
The first hive key in Event viewer is owned by SYSTEM , the second by Trusted Installer.
I am not sure the Powershell script takes care of that in this particular case.
Cheers,
fdegrove - In regedit now:
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919} is owned by TrustedInstaller
and
{F72671A9-012C-4725-9D2F-2A4D32D65169} is also owned by TrustedInstaller
Should one of them be changed?
Hi,
Yep. That one should be owned by SYSTEM actually.{8D8F4F83-3594-4F07-8369-FC3C3CAE4919} is owned by TrustedInstaller
Cheers,
On your system, is it owned by SYSTEM?
I ask only because I vaguely recall looking before starting an hour ago, and I vaguely recall TrustedInstaller.
Could I ask you to check? Sorry!
And since you are in Belgium, je m'excuse mille fois.
Hi,
Yes, it is and that is how it was before I edited it.On your system, is it owned by SYSTEM?
:) Il n'y a pas de soucis.And since you are in Belgium, je m'excuse mille fois.
Bonne chance,
Should I replace owner on subcontainers and objects? See screenshot.