New
#331
no i use just start10 without UxTheme Signature Bypass, there's no aeroglass yet for 1709 version
no i use just start10 without UxTheme Signature Bypass, there's no aeroglass yet for 1709 version
I wrote a batch file to re-set the dcom permissions in hopes of clearing this all up.
I will spare you the details and reasons why this keeps cropping up, but suffice it to say, Microsoft needs to clean up their mess better.
so my script requires you locate a compiled copy of the DcomPerm.exe tool
(If I can paste URLs, I found it here: Steven Van de Craens Blog )
You will also need a copy of setACL.exe. for both 32bit and 64bit windows.
Download Delprof2, SetACL (Studio) and uberAgent • Helge Klein
I have both in the same folder, renamed as setACL32.exe and setACL64.exe respectively, and my script looks at the OS of the machine you are running on and selects the appropriate one.
Create a folder, copy those files into it, and save this script in there as "Find_and_Fix_Dcom.bat".
The very first line of my script will prompt for elevation if the script was not run as administrator. (I am quite proud of that single line of code. You can add that line to the top of any batch file you want to always run as admin. )
Moving on, the script uses WevtUtil to look in the eventlog for dcom 10016 errors and extracts the important bits from the error to determine what permissions to set. Then it takes ownership of the appropriate registry key, sets the permissions for the appid, and grants Local Activation to the BUILTIN\Users group before restoring TrustedInstaller as the owner of the key.
Finally, it gives a little report on what appid's were fixed.
So without further ado, here is the script:
------------
Code::ELEVATE @echo off &>nul 2>&1 fsutil dirty query %systemdrive% || echo CreateObject^("Shell.Application"^).ShellExecute "%~0", "%*", "", "runas", 1 > "%temp%\uac.vbs" && "%temp%\uac.vbs" && exit /b & CD /d %~dp0 setlocal EnableDelayedExpansion set workdir=%~dp0 if defined ProgramFiles(x86) (set SETACL=%workdir%setACL64.exe) else (set SETACL=%workdir%setACL32.exe) set keypath=HKEY_CLASSES_ROOT\AppID echo [ Fetching DCOM Errors from eventlog... ] for /f "usebackq tokens=1-7" %%A in (`wevtutil qe System /rd:true /f:text /q:"*[System[EventID=10016]]" ^|findstr "{ user"`) do ( set PARAM=%%A set USERID= rem set PARAM=!PARAM:~0,1! if /I "!PARAM:~0,1!"=="{" ( set APPID=%%A ) rem The CLSID will automatically get overwritten by the APPID from the output of wevtutil. Sneaky! if "%%C"=="user" (rem Find the user ID and get the whole thing... IE, NT Authority/Local Service, NT Authority/System, Computername\user. if "%%G" EQU "SID" (set USERID=%%D %%E %%F) if "%%F" EQU "SID" (set USERID=%%D %%E) if "%%E" EQU "SID" (set USERID=%%D) if not defined !APPID!!USERID! (rem Dont do it if its already been done. echo. echo. echo "!USERID!" needs Local Activation permissions to !APPID!. openfiles > nul if %errorlevel% equ 0 ( echo [ Setting ADMINS as owner of the registry key %keypath%\!APPID! and grant full control ] %SETACL% -on "%keypath%\!APPID!" -ot reg -actn setowner -ownr "n:S-1-5-32-544" -silent %SETACL% -on "%keypath%\!APPID!" -ot reg -actn ace -ace "n:S-1-5-32-544;p:full;s:y;i:so,sc;m:set;w:dacl" -silent echo [ Granting DCOM local activation permissions... ] %workdir%dcomperm -al !APPID! set "!USERID!" permit level:la rem Also granting local activation to the local users group because this might actually be the magic bullet. (and chrome was still causing the error) %workdir%dcomperm -al !APPID! set "BUILTIN\Users" permit level:la echo [ Restoring TrustedInstaller as owner ] REM because if you dont, you will get dcom errors for a different reason. (Citing required) %SETACL% -on "%keypath%\!APPID!" -ot reg -actn setowner -ownr "n:S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464;s:y" -silent echo. ) rem some examples... rem setACL64.exe -on "HKEY_CLASSES_ROOT\AppID\{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}" -ot reg -actn setowner -ownr "n:S-1-5-32-544" rem setACL64.exe -on "HKEY_CLASSES_ROOT\AppID\{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}" -ot reg -actn ace -ace "n:S-1-5-32-544;p:full;s:y;i:so,sc;m:set;w:dacl" rem dcomperm -al {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} set "BUILTIN\Users" permit level:la rem setACL64.exe -on "HKEY_CLASSES_ROOT\AppID\{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}" -ot reg -actn setowner -ownr "n:S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464;s:y" rem echo %workdir%\dcomperm -al !APPID! set !USERID! permit level:la rem Flag this appid as completed. set !APPID!!USERID!=done ) ) rem End of For Loop ) echo. set { echo [ Finished ] echo. echo Finished fixing dcom. Press any key to clear event logs pause for /f "tokens=*" %%a in ('WEVTUTIL EL') do (WEVTUTIL CL "%%a") echo event logs cleared. All Done! timeout 30 :EXIT
Nonsense. It is a universal problem in the sense that lots and lots of installations have these. It's quite possible that there are some that don't, but if so I haven't seen any of the latter kind. And, most of these are due to obvious misconfigurations of DCOM object permissions.
Some of them pose as permissions errors, but no matter what permissions you add they will persist. Those turn out to be related to the complete and utter mess that Microsoft has created by bolting new types of SID's (those infamous app container SIDSs) onto that Rube Goldberg contraption that is Windows 10.
Like I have commented before, Microsoft seems to have lost control of their code base. Oh well.
I would not recommend an automated procedure of that kind. Unfortunately, some DCOM objects have permissions structures that are completely effed up (the infamous RuntimeBroker is one of these, by the way) such that permissions cannot be added without removing some unknown permissions, with equally unknown consequences. You have been warned.
Hello,
Details of problem given below:
Log Name: SystemSource: Microsoft-Windows-DistributedCOMDate: 17.11.2017 20:26:41Event ID: 10016Task Category: NoneLevel: ErrorKeywords: ClassicUser: DESKTOP-******\(user name)Computer: DESKTOP-S93V0F1Description:The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user DESKTOP-******\(user name) SID (S-1-5-21-3948725417-1733483578-2447231803-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
I tried every single solution given in ten forums and Microsoft related forums (like social.technet.microsoft) in every details. But no any permanent solution was obtained. Lastly I applied the solution step by step every detail of it given in the link:
https://appuals.com/how-to-fix-dcom-error-10016-on-windows-7-8-and-10/
Thisone worked for me. Now notices in "Event Viewer" disappeared for DCOM.
I have a similar issue:
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {C2F03A33-21F5-47FA-B4BB-156362A2F239} and APPID {316CDED5-E4AE-4B15-9113-7055D84DCC97} to the user michele\my pc SID (S-1-5-21-2832376193-1952021688-2811500842-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.SkypeApp_12.8.487.0_x64__kzf8qxf38zg5c SID (S-1-15-2-2246530975-808720366-1776470054-230329187-4153223113-3550430174-4193313734). This security permission can be modified using the Component Services administrative tool.
After roughly 20 minuts after I turn on the computer, the scereen freezes. I can still hear the audio and move the pad on the screen, but the rest of the screen is frozen. Even ctrl+alt+canc is useless.
I have already tried the standard procedure: hkey_classes_root/clsid/{C2F03A33-21F5-47FA-B4BB-156362A2F239
dcomcnfg --> component services --> dcom config --> immersive shell --> properties --> security --> launch an activation permission --> edit --> type my user's account name --> select "allow" in for all the check boxes.
However, it does not work! I no longer know how to do, does anyone has any idea? Thx
"You will have to open regedit with admin rights, navigate to HKeyClassesRoot\CLSId and when you find the id in question, right click then Permissions and temporarily change owner from TrustedInstaller to Administrators.
Same for HKEYLocalMachine\Appid."
after I press to permissions, i can't change anything , because it appears a window saying:
" unable to save permissions changes on (CLSID id ). Access is denied