[THIN] Re: DCOM 10016 Error - The machine-default permission settings do not grant Remote Activation permission for the COM Server application
- From: "Jeremy Saunders" <Jeremy.Saunders@xxxxxxxxxxxxxx>
- To: <thin@xxxxxxxxxxxxx>
- Date: Sat, 17 Jan 2009 01:30:53 +1100
Strange...must be some other problem with IMA that's reflecting an issue
with the CDF DCOM object...like the IMA service hanging...or something
along those lines. What version of XenApp are you running and what
hotfix level is it at?
Cheers,
Jeremy.
From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On
Behalf Of IT Support
Sent: Friday, January 16, 2009 5:52 PM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: DCOM 10016 Error - The machine-default permission
settings do not grant Remote Activation permission for the COM Server
application
One other thing I don't think I've mentioned is..
On affected servers, when you run QUERY FARM it comes back blank!
Again, this is resolved after you restart the IMA Service.
Regards
Nik
IT Services Manager
From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On
Behalf Of IT Support
Sent: 16 January 2009 08:41
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: DCOM 10016 Error - The machine-default permission
settings do not grant Remote Activation permission for the COM Server
application
Hi Jim,
I did this as the domain administrator - ie opening up dcomcnfg and
literally expanding each node until it errored.
The only error it came back with related to acrobat reader PDFShellInfo
which was not recorded.
Needless to say this hasn't fixed my issue.
The strange thing is that these issues go away when I manually stop and
start the Citrix IMA Service - until the next [daily] reboot.....
Regards
Nik
IT Services Manager
From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On
Behalf Of Jim Kenzig http://thin.ms
Sent: 15 January 2009 15:28
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: DCOM 10016 Error - The machine-default permission
settings do not grant Remote Activation permission for the COM Server
application
Did you try opening dcomcnfg and click on and go through each of the
components to see if any of them came up in error? It will usually fix
ones it finds that are.
Jim Kenzig
Blog: http://www.techblink.com
On Thu, Jan 15, 2009 at 10:02 AM, IT Support <it@xxxxxxxxxxxx> wrote:
I implemented everything below and ran the script, but my original issue
is still there every day until I restart the IMA Service.
Damn!
Regards
Nik
IT Services Manager
From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On
Behalf Of IT Support
Sent: 14 January 2009 15:15
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: DCOM 10016 Error - The machine-default permission
settings do not grant Remote Activation permission for the COM Server
application
Thanks very much.
I've run the script + restarted the IMA service & the errors have gone.
Hopefully they won't come back again....
N
Nik
From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On
Behalf Of Jeremy Saunders
Sent: 14 January 2009 14:28
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: DCOM 10016 Error - The machine-default permission
settings do not grant Remote Activation permission for the COM Server
application
No Probs....I think there are two different versions of dcomperm.exe
around. You can download my scripts including the working dcomperm.exe
from here:
http://www.jhouseconsulting.com/downloads/dcomperm.zip
The script should be well documented for you to follow J
Cheers,
Jeremy.
From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On
Behalf Of IT Support
Sent: Wednesday, January 14, 2009 11:01 PM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: DCOM 10016 Error - The machine-default permission
settings do not grant Remote Activation permission for the COM Server
application
Thanks for this great response but I'm not following your statement
about setting permissions on the CDF. Can you clarify further?
I've downloaded a version of dcomperm.exe but it is "unable to run on
this system".
Cheers.
N.
Nik
From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On
Behalf Of Jeremy Saunders
Sent: 13 January 2009 00:59
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: DCOM 10016 Error - The machine-default permission
settings do not grant Remote Activation permission for the COM Server
application
The errors you get will be related to the COM Plus components and DCOM
permissions on the CDF service.
Firstly, ensure you have the COM Plus network access installed as per
Citrix KB article CTX112853
Secondly, set the correct permissions on the Citrix Diagnostic Facility
(CDF). I have a script that automates this as the server builds. It
simply uses a utility called dcomperm.exe to give members of the
"Distributed COM Users" the ability to local launch, local activate,
remote launch and remote activate the DCOM objects.
Thirdly, add the Citrix/Server administrators groups to the local
"Distributed COM Users" group.
Fourthly, if you are using Custom admins, ensure they have "view"
permissions on objects such as "View My Knowledge Configuration", as
this will also cause some AMC permission issues.
Once you've made these changes, the DCOM errors you are seeing will be a
thing of the past.
Cheers,
Jeremy.
From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On
Behalf Of IT Support
Sent: Monday, January 12, 2009 7:18 PM
To: 'thin@xxxxxxxxxxxxx'
Subject: [THIN] Re: DCOM 10016 Error - The machine-default permission
settings do not grant Remote Activation permission for the COM Server
application
Further to this -
We are also getting the error below in the logs, and errors enumerating
the Citrix Access Management Console.
This seems to happen on reboot, and persists until we manually restart
the IMA Service on the affected servers.
Any ideas?
N
Event Type: Error
Event Source: DCOM
Event Category: None
Event ID: 10006
Date: 12/01/2009
Time: 10:02:00
User: N/A
Computer: CITRIX1
Description:
DCOM got error "General access denied error " from the computer CITRIX2
when attempting to activate the server:
{DB192ECC-CCBC-4A97-8121-B2FB89FE77C2}
From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On
Behalf Of IT Support
Sent: 08 January 2009 08:34
To: 'thin@xxxxxxxxxxxxx'
Subject: [THIN] DCOM 10016 Error - The machine-default permission
settings do not grant Remote Activation permission for the COM Server
application
Hi All,
We're getting DCOM 10016 errors every time a citrix admin users the
Citrix Access Management console on all our citrix servers as below:
Before I start hacking away at DCOM config permissions, does anyone know
of a recommended citrix fix?
Cheers.
N
Event Type: Error
Event Source: DCOM
Event Category: None
Event ID: 10016
Date: 07/01/2009
Time: 12:20:09
User: DOMAIN\user.name
Computer: CITRIX1
Description:
The machine-default permission settings do not grant Remote Activation
permission for the COM Server application with CLSID
{DB192ECC-CCBC-4A97-8121-B2FB89FE77C2}
to the user DOMAIN\user.name SID
(S-1-5-21-1708537768-1844237615-1177238915-1249). This security
permission can be modified using the Component Services administrative
tool.
BM Polyco Ltd Disclaimer
This e-mail and the information it contains are confidential. If you
have received this message in error please notify us immediately. You
should not use or copy it for any purpose nor disclose its contents to
any other party. The contents of this communication are advisory and are
not binding on the Company unless supported by authorised documentation.
It has also passed through the MailControl Anti-Virus service powered by
BlackSpider for total peace of mind.
Click here <https://www.mailcontrol.com/sr/wQw0zmjPoHdJTZGyOCrrhg==> to
report this email as spam.
________________________________
Confidentiality and Privilege Notice
This document is intended solely for the named addressee. The
information contained in the pages is confidential and contains legally
privileged information. If you are not the addressee indicated in this
message (or responsible for delivery of the message to such person), you
may not copy or deliver this message to anyone, and you should destroy
this message and kindly notify the sender by reply email.
Confidentiality and legal privilege are not waived or lost by reason of
mistaken delivery to you.
________________________________
________________________________
Confidentiality and Privilege Notice
This document is intended solely for the named addressee. The
information contained in the pages is confidential and contains legally
privileged information. If you are not the addressee indicated in this
message (or responsible for delivery of the message to such person), you
may not copy or deliver this message to anyone, and you should destroy
this message and kindly notify the sender by reply email.
Confidentiality and legal privilege are not waived or lost by reason of
mistaken delivery to you.
________________________________
#####################################################################################
Confidentiality and Privilege Notice
This document is intended solely for the named addressee. The information
contained in the pages is confidential and contains legally privileged
information. If you are not the addressee indicated in this message (or
responsible for delivery of the message to such person), you may not copy or
deliver this message to anyone, and you should destroy this message and kindly
notify the sender by reply email. Confidentiality and legal privilege are not
waived or lost by reason of mistaken delivery to you.
#####################################################################################
Other related posts:
