mullerhawk
asked on
Event ID: 10015 (Unheard of DCOM problem?!)
Lately after some problems with a Windows Server 2003 domain controller got hung after installing service pack 1. I started getting these error messages in the System Eventlog:
The machine wide limit settings do not grant Remote Launch permission for the COM Server application with CLSID
{5A5AA0AA-1DEB-4683-96B0-B
to the user SPENDRUPS\tj2234 SID (S-1-5-21-220523388-162531
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
These messages show up every minute or so, and they fill upp the log quit quickly. I've been searching around for that event id, but cant find anything relating to this problem. They appear in the log 2+ times per user. The SID number is of course different for different users. I tried to remove the machine account and the computer from the domain, and re-added them. But the messages persist as long as that specific computer/user is active on the network.
Any ideas?!
The machine wide limit settings do not grant Remote Launch permission for the COM Server application with CLSID
{5A5AA0AA-1DEB-4683-96B0-B
to the user SPENDRUPS\tj2234 SID (S-1-5-21-220523388-162531
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
These messages show up every minute or so, and they fill upp the log quit quickly. I've been searching around for that event id, but cant find anything relating to this problem. They appear in the log 2+ times per user. The SID number is of course different for different users. I tried to remove the machine account and the computer from the domain, and re-added them. But the messages persist as long as that specific computer/user is active on the network.
Any ideas?!
First what is the event number? Second can you unintstall SP1?
ASKER
I have not tried to uninstall SP2... I doubt it will work . The domain controller is both the Global Catalog server. And the RID master. The event id is as in the header of this case : 10015 ;)
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Perfect.. It works.. I hope is doesn't mess up anything with the security and/or remote launch capabilities...
We had the same problem, and I'm glad that I'm a member here at Experts Exchange. Thanks for the Swedish translation!
There is very little information regarding this, until you find out what application CLSID {5A5AA0AA-1DEB-4683-96B0-B
I ended up doing two things to resolve this:
1. Change the location where HP Port Resolver runs in DCOM.
a) Go to <b>Start > Run > dcomcnfg</b>
b) Find <b>HP Port Resolver</b> under <b>Console Root\Component Services\Computers\My Computer\DCOM Config</b> and open its Properties
c) Under the <b>Location</b> tab, check the box next to <b>Run application on the computer where the data is located.</b>
2. Uninstall all non-essential HP utilities and apps from the offending computer/user. We usually only install the driver when we install printers. This printer was installed as a local printer for this particular user, and the CD was used to install it. The HP Toolbox application was installed along with it, which can apparently cause problems.
This stopped the errors on our server. Giving that application permission to run may also solve the problem, but after reading about the problems that the software has caused others, I felt better getting rid of it rather than allowing any part of it to run.
Here's a link to the HP forums (scroll down a bit to see references to the {5A5A... bit):
http://forums1.itrc.hp.com/service/forums/questionanswer.do?threadId=370850
Hope this helps,
Brad
There is very little information regarding this, until you find out what application CLSID {5A5AA0AA-1DEB-4683-96B0-B
I ended up doing two things to resolve this:
1. Change the location where HP Port Resolver runs in DCOM.
a) Go to <b>Start > Run > dcomcnfg</b>
b) Find <b>HP Port Resolver</b> under <b>Console Root\Component Services\Computers\My Computer\DCOM Config</b> and open its Properties
c) Under the <b>Location</b> tab, check the box next to <b>Run application on the computer where the data is located.</b>
2. Uninstall all non-essential HP utilities and apps from the offending computer/user. We usually only install the driver when we install printers. This printer was installed as a local printer for this particular user, and the CD was used to install it. The HP Toolbox application was installed along with it, which can apparently cause problems.
This stopped the errors on our server. Giving that application permission to run may also solve the problem, but after reading about the problems that the software has caused others, I felt better getting rid of it rather than allowing any part of it to run.
Here's a link to the HP forums (scroll down a bit to see references to the {5A5A... bit):
http://forums1.itrc.hp.com/service/forums/questionanswer.do?threadId=370850
Hope this helps,
Brad
This is a additional update to this solution. The article was found at http://www.tech-archive.net/Archive/Windows/microsoft.public.windows.server.sbs/2007-10/msg01563.html
1. Click Start, click Run, type regedit in the Open box, and then click
OK.
2. Locate and then click the following registry subkey:
HKEY_CLASSES_ROOT\CLSID\CL
(For your issue, CLSID: {5A5AA0AA-1DEB-4683-96B0-B
Note In this subkey, "CLSID value" is a placeholder for the CLSID
information that appears in the message.
3. In the right pane, double-click AppID.
The Edit String dialog box appears. Leave this dialog box open and continue
to the next step.
4. Click Start, click Run, type dcomcnfg in the Open box, and then click
OK.
If a Windows Security Alert message prompts you to keep blocking the
Microsoft Management Console program, click to unblock the program.
5. In Component Services, double-click Component Services, double-click
Computers, double-click My Computer, and then click DCOM Config.
6. In the details pane, locate the program by using the friendly name.
If the AppGUID identifier is listed instead of the friendly name, locate
the program by using this identifier.
7. Right-click the program, and then click Properties.
8. Click the Security tab.
9. In the Launch and Activation Permissions area, click Customize, and
then click Edit.
10. Click Add, type the user's account name or authenticated users, and
then click OK.
11. While the user or authenticated users are selected, click to select
the Allow check boxes for the following items: Local Launch
Remote Launch
Local Activation
Remote Activation
12. Click OK two times.
13. Quit Registry Editor.
Grant the correct permissions to the Network Service account
To grant the correct permissions to the Network Service account, follow
these steps:
1. Click Start, click Run, type dcomcnfg in the Open box, and then click
OK.
2. In Component Services, double-click Component Services, and then
double-click Computers.
3. Right-click My Computer, and then click Properties.
4. Click the COM Security tab.
5. In the Launch and Activation Permissions area, click Edit Default.
6. Click Add, type Network Service, and then click OK.
7. While Network Service is selected, click to select the Allow check
boxes for the following items:
Local Launch
Remote Launch
Local Activation
Remote Activation
1. Click Start, click Run, type regedit in the Open box, and then click
OK.
2. Locate and then click the following registry subkey:
HKEY_CLASSES_ROOT\CLSID\CL
(For your issue, CLSID: {5A5AA0AA-1DEB-4683-96B0-B
Note In this subkey, "CLSID value" is a placeholder for the CLSID
information that appears in the message.
3. In the right pane, double-click AppID.
The Edit String dialog box appears. Leave this dialog box open and continue
to the next step.
4. Click Start, click Run, type dcomcnfg in the Open box, and then click
OK.
If a Windows Security Alert message prompts you to keep blocking the
Microsoft Management Console program, click to unblock the program.
5. In Component Services, double-click Component Services, double-click
Computers, double-click My Computer, and then click DCOM Config.
6. In the details pane, locate the program by using the friendly name.
If the AppGUID identifier is listed instead of the friendly name, locate
the program by using this identifier.
7. Right-click the program, and then click Properties.
8. Click the Security tab.
9. In the Launch and Activation Permissions area, click Customize, and
then click Edit.
10. Click Add, type the user's account name or authenticated users, and
then click OK.
11. While the user or authenticated users are selected, click to select
the Allow check boxes for the following items: Local Launch
Remote Launch
Local Activation
Remote Activation
12. Click OK two times.
13. Quit Registry Editor.
Grant the correct permissions to the Network Service account
To grant the correct permissions to the Network Service account, follow
these steps:
1. Click Start, click Run, type dcomcnfg in the Open box, and then click
OK.
2. In Component Services, double-click Component Services, and then
double-click Computers.
3. Right-click My Computer, and then click Properties.
4. Click the COM Security tab.
5. In the Launch and Activation Permissions area, click Edit Default.
6. Click Add, type Network Service, and then click OK.
7. While Network Service is selected, click to select the Allow check
boxes for the following items:
Local Launch
Remote Launch
Local Activation
Remote Activation