asked on Hangs at applying personal settings
During the past week, we've had issues with around 50 XP SP3 clients having problems logging in. The pc hangs for more than 20minutes when "applying personal settings". The pc is shut down brutally and re-started. Then it is able to login.
But we have a gpo controlling wallpaper and one for Communicator, and these gpo's are applied (gpresult) but not effective. Other GPO's are applied.
We have 4 DC's (2 hardware and 2 virtual, all W2K8 R2). These DC's are not located in the countries where the pc's with problems are.
I have checked DNS settings and they look fine.
No GPO's has been altered the past month.
If I do a Systeminfo in a command prompt, the machines uses different DC's
Wan links are not loaded
Windows7 machines are not affected
I'm a bit lost here
But we have a gpo controlling wallpaper and one for Communicator, and these gpo's are applied (gpresult) but not effective. Other GPO's are applied.
We have 4 DC's (2 hardware and 2 virtual, all W2K8 R2). These DC's are not located in the countries where the pc's with problems are.
I have checked DNS settings and they look fine.
No GPO's has been altered the past month.
If I do a Systeminfo in a command prompt, the machines uses different DC's
Wan links are not loaded
Windows7 machines are not affected
I'm a bit lost here
Windows XPActive Directory
Last Comment
happyhenrik
ASKER CERTIFIED SOLUTION
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
hm, tuesday is the day when Microsoft put new updates out
What about updates on DC?
What about updates on DC?
SOLUTION
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
ASKER
M3rc74: Automatic updates are disabled by GPO on clients. The same for DC's and they have not been updated
David: There is no local DC
David: There is no local DC
Have you tried creating a new container that doesn't use the GPO's and moving one of these into that container to test if the GPO's are causing the issue?
.Dave
.Dave
SOLUTION
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
ASKER
No because the problem only appears once, and I don't who will be next... But the local servicedesk mentioned, that if the did a gpupdate /force and rebooted, everything was back to normal. I asked him to monitor that and report the outcome back to me everytime he has this issue
ASKER
I've only checked the event log on one pc, and I only found this:
The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
{24FF4FDC-1D9F-4195-8C79-0
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18). This security permission can be modified using the Component Services administrative tool.
I have no idea what it means...
The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
{24FF4FDC-1D9F-4195-8C79-0
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18). This security permission can be modified using the Component Services administrative tool.
I have no idea what it means...
Permission settings do not grant Local Launch permission for the COM Server application with CLSID
Here is the typical error description:
The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
{0D011B6A-4BDB-49CB-8533-8
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18). This security permission can be modified using the Component Services administrative tool.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
To resolve this problem, use one of the following methods, depending on the cause of the problem.
Grant the user permissions to start the COM component
Grant the user permissions to start the COM component. To do this, follow these steps:
Click Start, click Run, type regedit in the Open box, and then click OK.
Locate and then click the following registry subkey:
HKEY_CLASSES_ROOT\CLSID\CL
Note In this subkey, "CLSID value" is a placeholder for the CLSID information that appears in the message.
In the right pane, double-click AppID.
The Edit String dialog box appears. Leave this dialog box open and continue to the next step.
Click Start, click Run, type dcomcnfg in the Open box, and then click OK.
If a Windows Security Alert message prompts you to keep blocking the Microsoft Management Console program, click to unblock the program.
In Component Services, double-click Component Services, double-click Computers, double-click My Computer, and then click DCOM Config.
In the details pane, locate the program by using the friendly name.
If the AppGUID identifier is listed instead of the friendly name, locate the program by using this identifier.
Right-click the program, and then click Properties.
Click the Security tab.
In the Launch and Activation Permissions area, click Customize, and then click Edit.
Click Add, type the user’s account name, and then click OK.
While the user is selected, click to select the Allow check boxes for the following items:
Local Launch
Remote Launch
Local Activation
Remote Activation
Click OK two times.
Quit Registry Editor.
Grant the correct permissions to the Network Service account
To grant the correct permissions to the Network Service account, follow these steps:
Click Start, click Run, type dcomcnfg in the Open box, and then click OK.
In Component Services, double-click Component Services, and then double-click Computers.
Right-click My Computer, and then click Properties.
Click the COM Security tab.
In the Launch and Activation Permissions area, click Edit Default.
Click Add, type Network Service, and then click OK.
While Network Service is selected, click to select the Allow check boxes for the following items:
Local Launch
Remote Launch
Local Activation
Remote Activation
Click OK two times.
Here is the typical error description:
The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
{0D011B6A-4BDB-49CB-8533-8
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18). This security permission can be modified using the Component Services administrative tool.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
To resolve this problem, use one of the following methods, depending on the cause of the problem.
Grant the user permissions to start the COM component
Grant the user permissions to start the COM component. To do this, follow these steps:
Click Start, click Run, type regedit in the Open box, and then click OK.
Locate and then click the following registry subkey:
HKEY_CLASSES_ROOT\CLSID\CL
Note In this subkey, "CLSID value" is a placeholder for the CLSID information that appears in the message.
In the right pane, double-click AppID.
The Edit String dialog box appears. Leave this dialog box open and continue to the next step.
Click Start, click Run, type dcomcnfg in the Open box, and then click OK.
If a Windows Security Alert message prompts you to keep blocking the Microsoft Management Console program, click to unblock the program.
In Component Services, double-click Component Services, double-click Computers, double-click My Computer, and then click DCOM Config.
In the details pane, locate the program by using the friendly name.
If the AppGUID identifier is listed instead of the friendly name, locate the program by using this identifier.
Right-click the program, and then click Properties.
Click the Security tab.
In the Launch and Activation Permissions area, click Customize, and then click Edit.
Click Add, type the user’s account name, and then click OK.
While the user is selected, click to select the Allow check boxes for the following items:
Local Launch
Remote Launch
Local Activation
Remote Activation
Click OK two times.
Quit Registry Editor.
Grant the correct permissions to the Network Service account
To grant the correct permissions to the Network Service account, follow these steps:
Click Start, click Run, type dcomcnfg in the Open box, and then click OK.
In Component Services, double-click Component Services, and then double-click Computers.
Right-click My Computer, and then click Properties.
Click the COM Security tab.
In the Launch and Activation Permissions area, click Edit Default.
Click Add, type Network Service, and then click OK.
While Network Service is selected, click to select the Allow check boxes for the following items:
Local Launch
Remote Launch
Local Activation
Remote Activation
Click OK two times.
SOLUTION
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
ASKER
that might be the next step. I am waiting for a reply from our Client Management team, to see if they have done something, without telling me :-)
ASKER
OK - here's the deal.
Our Client management dep. rolled out a new version of Office Communicator last week. It was only done for older xp installations.
That caused the problem...
Thank you all for trying to help me out - I will split the points between you
Our Client management dep. rolled out a new version of Office Communicator last week. It was only done for older xp installations.
That caused the problem...
Thank you all for trying to help me out - I will split the points between you
Nothing on the DC's has been changed
Windows update is disabled on all clients through GPO