DCOM error on all DC's every time GP updates

Posted on 2011-10-25
Last Modified: 2012-05-12
Everytime group policy updates on any of our DC's (can be reproduced with a gpupdate /force) the following event gets logged:

Log Name:      System
Source:        Microsoft-Windows-DistributedCOM
Date:          25/10/2011 2:47:57 PM
Event ID:      10009
Task Category: None
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      <domain controller>
DCOM was unable to communicate with the computer <old AppV server we no longer have> using any of the configured protocols.

The server being looked for was setup to try out Microsoft AppV, but we decided not to use it, and got rid of that server (deleted the VM).

I recently removed the computer account from our AD, but I still get that DCOM error on our DC's.  I've checked through our Default Domain and Default Domain Controller GPO's, and I can't find a reference to that server directly (although I don't know much about AppV and I might find something if I knew what to look for?).

So far, I don't think there are any problems caused by this, but I am interested to know why this is occuring, and if anyone has any suggestions on where/how to start looking for the the source of the error.
Question by:PtboGiser
    LVL 24

    Assisted Solution

    You could use ADSIEDIT.msc to see if you can find a reference to it, also in ad users and computers if you select advanced and check in the system container (or better just run a search) to find a reference to it.


    Accepted Solution

    Not sure where to even start looking in ADSI edit, but in advanced view, there is no record of it anymore in AD users and com puters.  It's been a while, and it still happens.  I'm wondering if there is somewhere in dcom settings, or in GP that I should be looking?
    LVL 24

    Assisted Solution

    Check your DNS zones for old records for this server and delete them, also check any software relating to this server agents etc are removed from other servers, clients.


    Author Closing Comment

    K, I figured it out.  The old server was setup as a certificate authority, on a different (old), trusted domain, but the role did not uninstall correctly.  There were actually 2 other cert servers that had failed to uninstall, and had since been decommissioned.  I found an article directying me to remove the entries manually from Active Directory Sites and Services, and after removed, no more errors.  Thanks anyways :)

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Do You Know the 4 Main Threat Actor Types?

    Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

    Scenario:  You do full backups to a internal hard drive in either product (SBS or Server 2008).  All goes well for a very long time.  One day, backups begin to fail with a message that the disk is full.  Your disk contains many, many more backups th…
    This tutorial will give a short introduction and overview of Backup Exec 2014 and the additional features that have been added over its predecessor Backup Exec 2012. As with Backup Exec 2012, the Backup Exec button in the upper left corner. From her…
    This tutorial will walk an individual through configuring a drive on a Windows Server 2008 to perform shadow copies in order to quickly recover deleted files and folders. Click on Start and then select Computer to view the available drives on the se…

    759 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    10 Experts available now in Live!

    Get 1:1 Help Now