Avatar of Member_2_6492660_1
Member_2_6492660_1
Flag for United States of America asked on

Sharepoint 2010 Event Id 10016 Everytime A document is Open from the Shared Documents Site

Windows 2012 R2 Server 64 Bit
IIS 8.5
SharePoint 2010 SP2 FARM 64 Bit

When ever I open a document from shared documents page I get this error

Log Name:      System
Source:        Microsoft-Windows-DistributedCOM
Date:          6/25/2015 11:45:20 AM
Event ID:      10016
Task Category: None
Level:         Error
Keywords:      Classic
User:          MYDOM\spfarm
Computer:      SERV013.FQDN.com
Description:
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 and APPID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 to the user MYDOM\spfarm SID (S-1-5-21-3054588571-1341459584-784128302-3142) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="Microsoft-Windows-DistributedCOM" Guid="{1B562E86-B7AA-4131-BADC-B6F3A001407E}" EventSourceName="DCOM" />
    <EventID Qualifiers="0">10016</EventID>
    <Version>0</Version>
    <Level>2</Level>
    <Task>0</Task>
    <Opcode>0</Opcode>
    <Keywords>0x8080000000000000</Keywords>
    <TimeCreated SystemTime="2015-06-25T15:45:20.319086700Z" />
    <EventRecordID>25657</EventRecordID>
    <Correlation />
    <Execution ProcessID="620" ThreadID="10848" />
    <Channel>System</Channel>
    <Computer>SERV013.FQDN.com</Computer>
    <Security UserID="S-1-5-21-3054588571-1341459584-784128302-3142" />
  </System>
  <EventData>
    <Data Name="param1">application-specific</Data>
    <Data Name="param2">Local</Data>
    <Data Name="param3">Activation</Data>
    <Data Name="param4">{8BC3F05E-D86B-11D0-A075-00C04FB68820}</Data>
    <Data Name="param5">{8BC3F05E-D86B-11D0-A075-00C04FB68820}</Data>
    <Data Name="param6">MYDOM</Data>
    <Data Name="param7">spfarm</Data>
    <Data Name="param8">S-1-5-21-3054588571-1341459584-784128302-3142</Data>
    <Data Name="param9">LocalHost (Using LRPC)</Data>
    <Data Name="param10">Unavailable</Data>
    <Data Name="param11">Unavailable</Data>
  </EventData>
</Event>

I went into the registry and found
“[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}]”
Changed Owner to administrators on the Windws 2012 server

Then opened Component Services on the Windows 2012 Server
Expand Computers
Expand My Computer
Highlighted DCOM on toolbar clicked details
Found 8BC3F05E-D86B-11D0-A075-00C04FB68820
changed permissions to add mydom/spfarm  with "Local Activation permissions



Still getting this error

Thoughts?

Thanks

Tom
Microsoft SharePointWindows Server 2012Document ManagementMicrosoft ApplicationsSBS

Avatar of undefined
Last Comment
Member_2_6492660_1

8/22/2022 - Mon
ASKER CERTIFIED SOLUTION
colly92002

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
Member_2_6492660_1

ASKER
Colly92002

Thanks for responding

It is strange that I can open the document read only or for update with no problem just why the dcom error

So in
http://blogs.msdn.com/b/distributedservices/archive/2009/01/21/dcom-error-10010-in-the-event-logs-and-sluggish-server-performance.aspx

I added the domain users group with read access to HKCR\CLSID permissions
Restarted the server

Same error

Then in
https://social.technet.microsoft.com/Forums/en-US/96572b96-18a6-4d0c-a722-075e4bf0e8b0/dcom-error-event-10006?forum=smallbusinessserver

I tried this
The problem is that the server wants to activate the WMI on the remote computer but cant. The solution in this case is to allow WMI activation/access on the machine's firewall.

use the following command:

On Win7
 netsh advfirewall firewall set rule group="Windows Remote Management" new enable=yes


My Windows 7 Pro applied the firewall settings

Opened a shared document  and on the server I got the same error Dcom again.

Thoughts?
SOLUTION
colly92002

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
Member_2_6492660_1

ASKER
Colly92002

Yes I run WSUS and my Servers and software get updated regularly

Now to the article above  That is for XP long gone.

But the first part I already did which I posted in my first posting of this question.


Only  thing I changed was adding Remote Launch and Remote Activation for user "spfarm"

The second part of that article not clear at all or does not match since this is Windows 2012 Server.

Where do I need to grant Network Services to?
SOLUTION
Log in to continue reading
Log In
Sign up - Free for 7 days
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
Member_2_6492660_1

ASKER
Martusha

The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
 {8BC3F05E-D86B-11D0-A075-00C04FB68820}
  and APPID
 {8BC3F05E-D86B-11D0-A075-00C04FB68820}
  to the user MYDOM\spfarm SID (S-1-5-21-3054588571-1341459584-784128302-3142)


The CLISD is Windows Management and Instrumentation  it is not IIS WAMREG Admin Service

I added WSS_WPG and WSS_ADMIN_WPG groups to 8BC3F05E-D86B-11D0-A075-00C04FB68820
Windows Management and Instrumentation  

Still same error 10016


So next I tried to do the same to IIS WAMREG Admin Service
But the Security Tab is greyed out

I went into the registry found IIS WAMREG Admin  {61738644-F196-11D0-9953-00C04FD919C1}
I changed the ownership to the local administrators group
hit apply and hit OK

Still greyed out

That was the same procedure I did for the other Component Services

Is IIS WAMREG Admin the one I need to add WSS_WPG and WSS_ADMIN_WPG groups too?

If so how do I do that with the security tabs being greyed out

Thoughts

Note is there a document that shows you all the SharePoint security setup step by step?
I started with Experts Exchange in 2004 and it's been a mainstay of my professional computing life since. It helped me launch a career as a programmer / Oracle data analyst
William Peck
Member_2_6492660_1

ASKER
Guys

Still getting 10016 errors

I opened this up the other day

https://www.experts-exchange.com/questions/28693717/Windows-2012-DCOMCNFG-Service-Greyed-Out.html

He suggested that I add the groups to the high level My Computer in Dcom

I did that and still get the errors

So not being able to modify the IIS Admin Service with WSS groups is the problem

How do we get this fixed?
Member_2_6492660_1

ASKER
Martusha

Finally got  WSS_WPG and WSS_ADMIN_WPG added to IIS Admin Service
Also added SPFARM

All have
Local Lunch
Local Activation


After adding them and hitting apply and OK

I am still getting same 10016 error

Do I need to restart IIS? SharePoint Services? Server?

Thoughts
Member_2_6492660_1

ASKER
Update

Just tried  IISRESET /noforce

Still getting the 10016 error


Thoughts?
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
martusha

Hi Thomas!

Do you get the same error with the same APPID?
Member_2_6492660_1

ASKER
Martusha

not sure what you mean by

Do you get the same error with the same APPID?

Please explain further
SOLUTION
Log in to continue reading
Log In
Sign up - Free for 7 days
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
Member_2_6492660_1

ASKER
Martusha

this ID: 8BC3F05E-D86B-11D0-A075-00C04FB68820. Is it the same now?

Yes every time exact same appid

and as you can see above I was able to get the dcom entries updated

Could there be another place to do this?
All of life is about relationships, and EE has made a viirtual community a real community. It lifts everyone's boat
William Peck
martusha

How much sharepoint servers is in your farm? maybe you need to add permissions on each SP servers
Member_2_6492660_1

ASKER
Martusha

I only have one Server running SharePoint 2010
martusha

Did you reboot server after changing permissions? If no, you should do that.
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
Member_2_6492660_1

ASKER
No I have not restarted the server
Only did an iisrestart / noforce

I can try that later today
martusha

OK, please try to restart first and then we will see if ths error remains.
Member_2_6492660_1

ASKER
Martusha,

Just restarted the server.

After waiting a few minutes I tried opening a shared document

Exact same error

This is a strange one

What else can we check?

Thanks
Experts Exchange has (a) saved my job multiple times, (b) saved me hours, days, and even weeks of work, and often (c) makes me look like a superhero! This place is MAGIC!
Walt Forbes
martusha

Really strange. Let me think.
martusha

Maybe you have an antivirus installed? Check firewall, maybe there are some issues. Clear checkmarks for local area connections.
martusha

Also maybe you need to adjust the remote launch permissions as well, because there is a farm.
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
Member_2_6492660_1

ASKER
Martusha

Maybe you have an antivirus installed?     No antivirus

Check firewall, maybe there are some issues Firewall where on the SharePoint server or on the computer trying to open the shared document? If it was a firewall issue then I would not even be able to access the site or even open the document.  Remember I can open the document.

Clear checkmarks for local area connections. Where do you mean to do this?


Also maybe you need to adjust the remote launch permissions as well On which one?

because there is a farm  I only have one Server running SharePoint and it is setup in Farm mode.


Note:

Yesterday I went to another computer on the network a Windows Vista computer it is 32 bit using IE 9
I went to Shared Documents and opened the same document I have been testing with and it opened it ok and no event id 10016  All my other computers have IE 11    

Thoughts?
SOLUTION
Log in to continue reading
Log In
Sign up - Free for 7 days
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
Member_2_6492660_1

ASKER
Martusha

spfarm has
Local Launch
Remote Launch
Local Activation
Remote Activation

All are selected

That is on the Windows Management and Instrumentation  in Component Services
this ID: 8BC3F05E-D86B-11D0-A075-00C04FB68820

Thoughts
martusha

In services console restart windows management instrumentation. I'm no sure if it helps, but just try.
Experts Exchange is like having an extremely knowledgeable team sitting and waiting for your call. Couldn't do my job half as well as I do without it!
James Murphy
Member_2_6492660_1

ASKER
Martusha

restarted the services

Same results  

this is very strange but I know we will get it working.

Thoughts
martusha

Could you also check what permission added for Authenticated Users on the Windows Management and Instrumentation  in Component Services -> should be local launch, local activation and remote activation.
Member_2_6492660_1

ASKER
Martusha

yes Authenticated Users have
local launch
local activation
remote activation

should we add Remote launch

Thoughts
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
martusha

No, I don't think we need that.

Could you check windows firewall rules on server. check the inbound and outbound rues for all windows management instrumentation related rules are disabled.
Member_2_6492660_1

ASKER
Martusha

In Firewall inbound

Windows Management Instrumentation (Async-In)    Disabled
Windows Management Instrumentation (DCOM-IN)  Disabled
Windows Management Instrumentation (WMI-IN) Disabled

In firewall Outbound
Windows Management Instrumentation (WMI-IN) Disabled


Same on my computer also  all disabled

Thoughts
martusha

Could you check again the event info, maybe now it is related to different user, not spfarm?
Your help has saved me hundreds of hours of internet surfing.
fblack61
Member_2_6492660_1

ASKER
Martusha

good thought

The error message is the exact same error every time no variation at all

we have authenticated users in there what else can we be missing here?
Member_2_6492660_1

ASKER
Martusha

I checked this

Windows Services
Windows Management Instrumentation Service
Automatic and running
Logon as Local System

Component Services
Windows Management Instrumentation
this ID: 8BC3F05E-D86B-11D0-A075-00C04FB68820

Security
Launch and Activation Permissions
Customize

Authenticated Users                            Local Launch Local Activation Remote Activation
Network Service                                    Local Launch Remote Launch Local Activation Remote Activation
WSS_ADMIN_WPG (local group)         Local Launch Remote Launch Local Activation Remote Activation
WSS_WPG (local group)                       Local Launch Remote Launch Local Activation Remote Activation
SPFARM                                                  Local Launch Remote Launch Local Activation Remote Activation
SPMYSITE                                                Local Launch Remote Launch Local Activation Remote Activation
Administrators (local group)               Local Launch Remote Launch Local Activation Remote Activation


HTH
martusha

Thomas,

It is really strange... Seems everything should be ok. This error could be safely ignored, but it floods event logs.

Could you check in IIS -> application pools, what account is running the application pool of your sharepoint site where those documents are located. And add this account to security permissions of WMI in component services.
Also give Remote launch to authenticated users (do not think it will help, but just try).

I'm out of suggestions for now. :(
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
Member_2_6492660_1

ASKER
no luck

yes the event log is flooded with these errors.

What am I missing here this is driving me crazy.

I see one application pool entry named

SharePoint Web Services Root  which is using an identity of LocalService

Where my site SharePoint - 80 is using an identity of mydom\spfarm


see attached

Thoughts
sharepoint-app-pool.png
SOLUTION
Log in to continue reading
Log In
Sign up - Free for 7 days
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
Member_2_6492660_1

ASKER
Colly

Yes in regedit I found
hkey_classes_root\clsid\{8BC3F05E-D86B-11D0-A075-00C04FB68820}
on key Default in Edit string  Value name Default, value data is Windows Management and Instrumentation

This is the one I have been adding the users to all along in Dcomcnfg

I understand how to find that I dont understand what accounts this error really needs
the event error show domain\spfarm so you would think that is the one but I have added a few and still get the error
authenticated users should cover all the domain user accounts

I saw in AD i have local service and found it on the local server users and groups
that is the only one left that I found in the application pool entries that I do not have in dcomcnfg

So the real question here is what accounts are needed in Windows Management and Instrumentation to stop this error

Thoughts
colly92002

Try creating a new web app in CA, create a site collection and site, put a new document in the shared folder, and see if you still get the error.  

Also might be worth considering restarting your DC (is this also 2012?).

If you are still getting the error then I'm all out of ideas :(   Might be worth opening a MS support ticket as this smells of a bug.
This is the best money I have ever spent. I cannot not tell you how many times these folks have saved my bacon. I learn so much from the contributors.
rwheeler23
Member_2_6492660_1

ASKER
Colly

Just resrted my DC's last night
Also restarted this server last night
All the above are Windows 2012

I can not figure out why I always uncover bugs you would think this has been seen before

I could introduce more issue if I create another site example I have another site already mysite.mydom.com but that one is giving me cannot load user profile
see this https://www.experts-exchange.com/questions/28695390/Sharepoint-2010-Could-not-load-user-profile.html

It was working then all of a sudden it stopped they were thinking a sync problem but my sync is running fine

can you take a look at that one ?
if we get that working then we can try a document from that site

Thanks
Member_2_6492660_1

ASKER
Update

1. still happening every time user opens shared document

2. I have one machine that it works on, why would that be?

                                only one of the many
Member_2_6492660_1

ASKER
Ok

Today created new site new collection site

Added a shared document

opened the document got same error 10016

We are missing something here

Error is the same every time no matter which site I try.
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
SOLUTION
Log in to continue reading
Log In
Sign up - Free for 7 days
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
Member_2_6492660_1

ASKER
Mohit

Which CLID are you asking about?

I changed these

Windows Management and Instrumentation
{8BC3F05E-D86B-11D0-A075-00C04FB68820}

IIS WAMREG Admin
{61738644-F196-11D0-9953-00C04FD919C1}

IIS Admin Service
{A9E69610-B80D-11D0-B9B9-00A0C922E750}


Using dcomcnfg add SPFARM account, WSS_ADMIN_WPG and  WSS_WPG groups Local Launch and Local Activation permissions

Still getting the exact same event error 10016
martusha

Hi Tom!
I thought maybe you need to install last CU or SP for your sharepoint?

Ps: I'm now on vacation and have limited interet access.
Member_2_6492660_1

ASKER
Martusha

Enjoy your vacation.

My SharePoint is running Service Pack 2 which as far as I know is the latest release

I found Kb3054961 which I will apply  and possibly kb2687446

Will post results after I apply the above two
I started with Experts Exchange in 2004 and it's been a mainstay of my professional computing life since. It helped me launch a career as a programmer / Oracle data analyst
William Peck
Member_2_6492660_1

ASKER
Martusha

Found some more CU updates will apply and update status later today.
Member_2_6492660_1

ASKER
To all

No change after applying some of the updates not all are needed.

Anyone have any ideas

This is very strange
Member_2_6492660_1

ASKER
Just applied KB3054975  CU July 2015

No change same Error 10016
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
Member_2_6492660_1

ASKER
I just ran the SharePoint 2010 Products Configuration Wizard to success steps 10 of 10

Still getting this error 10016


Thoughts
Member_2_6492660_1

ASKER
Closing this out as unsolved but still awarding point because of the good effort.

I decided to Completed rebuild the Farm from the beginning.

Hopefully this will help

Thanks for all your help