Com+ Catalog Error, more security related errors

Hello Experts,

after a system restart, my colleague informed me that cannot start the VSS service.

Doing some troubleshooting i found out that i cannot open Com+ Application catalog and i am receiving error:


"Com+ Catalog Error. You do not have permission to perform requested action.If security is enabled on system application of the target computer make sure you are included into appropriate roles."

after doing more searches on the system i found out that i also cannot open/view:

gpresult :  ERROR: Logon failure: unknown user name or bad password.

RSOP.msc  returns, YOu do not have permission to perform this operation.

and i cannot view service dependencies ( Win32: Access denied) or network connection proprieties ( nothing is in there)

i am using a domain account which is working fine on other servers from the same location. I tried also with local admin, other admin accounts and still i am receiving the same errors.


Server is Windows 2003 and some security setting was applied or some security setting is corrupted.

maybe some security rights were removed but which ones?


Thanks for help!
ghetzuAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

TheCleanerCommented:
Check here:  http://support.microsoft.com/kb/909444

I know this was a big deal a ways back but shouldn't be an issue now unless it has been a long time since you've updated the server.
0
ghetzuAuthor Commented:
thanks for suggestion but i already checked this and permissions on registration folder are ok (also bypass right for everyone).

similar to that Microsoft event this appeared also in event log:

"The COM+ Event System detected a bad return code during its internal processing.  HRESULT was 80070005 from line 44 of d:\nt\com\complus\src\events\tier1\eventsystemobj.cpp.  Please contact Microsoft Product Support Services to report this error."
0
TheCleanerCommented:
Have you checked the local services to see if they have user accounts that they run under?  Did those account passwords change at some point before the reboot?  It could have happened a while back and the service has just been running this whole time since and when rebooted it can't now.

Same for the local users and groups...look in the Administrators group and see if it looks right.

Finally, look in the local security policy under user rights assignments and check and see what rights are set there.  Compare them to another known good server you have.
0
Cloud Class® Course: Microsoft Azure 2017

Azure has a changed a lot since it was originally introduce by adding new services and features. Do you know everything you need to about Azure? This course will teach you about the Azure App Service, monitoring and application insights, DevOps, and Team Services.

ghetzuAuthor Commented:
i checked the services and it looks fine although cannot see dependencies and i will recheck local groups tomorrow morning,

in the mean time , i discovered that permissions on HKCR are different than default . There is a possibility that someone may have applied a security template etc.

how different than default?

on Hkey Classes root i have: admin ,system and creator owner and....everyone with read ( admin,sys and owner have default permissions)

So Power Users and Users are missing from there.

unfortunately i will check in 12 hours when i will arrive to work.



0
luke2008Commented:
Try restoring registry settings ( remove everyone and add power users to the root of HKCR)
verify after the registry change if you can access DCOM and WMI.
re-register VSS and test with system backup
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
ghetzuAuthor Commented:

i restore the reg and added the power users and it is working!


VSS is working after registration.

many thanks!
0
ghetzuAuthor Commented:
thanks man for help!
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Microsoft Legacy OS

From novice to tech pro — start learning today.