[THIN] Re: DCOM 10016 Error - The machine-default permission settings do not grant Remote Activation permission for the COM Server application
- From: "Jeremy Saunders" <Jeremy.Saunders@xxxxxxxxxxxxxx>
- To: <thin@xxxxxxxxxxxxx>
- Date: Thu, 15 Jan 2009 01:28:07 +1100
No Probs....I think there are two different versions of dcomperm.exe
around. You can download my scripts including the working dcomperm.exe
from here:
http://www.jhouseconsulting.com/downloads/dcomperm.zip
The script should be well documented for you to follow J
Cheers,
Jeremy.
From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On
Behalf Of IT Support
Sent: Wednesday, January 14, 2009 11:01 PM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: DCOM 10016 Error - The machine-default permission
settings do not grant Remote Activation permission for the COM Server
application
Thanks for this great response but I'm not following your statement
about setting permissions on the CDF. Can you clarify further?
I've downloaded a version of dcomperm.exe but it is "unable to run on
this system".
Cheers.
N.
Nik
From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On
Behalf Of Jeremy Saunders
Sent: 13 January 2009 00:59
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: DCOM 10016 Error - The machine-default permission
settings do not grant Remote Activation permission for the COM Server
application
The errors you get will be related to the COM Plus components and DCOM
permissions on the CDF service.
Firstly, ensure you have the COM Plus network access installed as per
Citrix KB article CTX112853
Secondly, set the correct permissions on the Citrix Diagnostic Facility
(CDF). I have a script that automates this as the server builds. It
simply uses a utility called dcomperm.exe to give members of the
"Distributed COM Users" the ability to local launch, local activate,
remote launch and remote activate the DCOM objects.
Thirdly, add the Citrix/Server administrators groups to the local
"Distributed COM Users" group.
Fourthly, if you are using Custom admins, ensure they have "view"
permissions on objects such as "View My Knowledge Configuration", as
this will also cause some AMC permission issues.
Once you've made these changes, the DCOM errors you are seeing will be a
thing of the past.
Cheers,
Jeremy.
From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On
Behalf Of IT Support
Sent: Monday, January 12, 2009 7:18 PM
To: 'thin@xxxxxxxxxxxxx'
Subject: [THIN] Re: DCOM 10016 Error - The machine-default permission
settings do not grant Remote Activation permission for the COM Server
application
Further to this -
We are also getting the error below in the logs, and errors enumerating
the Citrix Access Management Console.
This seems to happen on reboot, and persists until we manually restart
the IMA Service on the affected servers.
Any ideas?
N
Event Type: Error
Event Source: DCOM
Event Category: None
Event ID: 10006
Date: 12/01/2009
Time: 10:02:00
User: N/A
Computer: CITRIX1
Description:
DCOM got error "General access denied error " from the computer CITRIX2
when attempting to activate the server:
{DB192ECC-CCBC-4A97-8121-B2FB89FE77C2}
From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On
Behalf Of IT Support
Sent: 08 January 2009 08:34
To: 'thin@xxxxxxxxxxxxx'
Subject: [THIN] DCOM 10016 Error - The machine-default permission
settings do not grant Remote Activation permission for the COM Server
application
Hi All,
We're getting DCOM 10016 errors every time a citrix admin users the
Citrix Access Management console on all our citrix servers as below:
Before I start hacking away at DCOM config permissions, does anyone know
of a recommended citrix fix?
Cheers.
N
Event Type: Error
Event Source: DCOM
Event Category: None
Event ID: 10016
Date: 07/01/2009
Time: 12:20:09
User: DOMAIN\user.name
Computer: CITRIX1
Description:
The machine-default permission settings do not grant Remote Activation
permission for the COM Server application with CLSID
{DB192ECC-CCBC-4A97-8121-B2FB89FE77C2}
to the user DOMAIN\user.name SID
(S-1-5-21-1708537768-1844237615-1177238915-1249). This security
permission can be modified using the Component Services administrative
tool.
BM Polyco Ltd Disclaimer
This e-mail and the information it contains are confidential. If you
have received this message in error please notify us immediately. You
should not use or copy it for any purpose nor disclose its contents to
any other party. The contents of this communication are advisory and are
not binding on the Company unless supported by authorised documentation.
It has also passed through the MailControl Anti-Virus service powered by
BlackSpider for total peace of mind.
Click here <https://www.mailcontrol.com/sr/wQw0zmjPoHdJTZGyOCrrhg==> to
report this email as spam.
________________________________
Confidentiality and Privilege Notice
This document is intended solely for the named addressee. The
information contained in the pages is confidential and contains legally
privileged information. If you are not the addressee indicated in this
message (or responsible for delivery of the message to such person), you
may not copy or deliver this message to anyone, and you should destroy
this message and kindly notify the sender by reply email.
Confidentiality and legal privilege are not waived or lost by reason of
mistaken delivery to you.
________________________________
#####################################################################################
Confidentiality and Privilege Notice
This document is intended solely for the named addressee. The information
contained in the pages is confidential and contains legally privileged
information. If you are not the addressee indicated in this message (or
responsible for delivery of the message to such person), you may not copy or
deliver this message to anyone, and you should destroy this message and kindly
notify the sender by reply email. Confidentiality and legal privilege are not
waived or lost by reason of mistaken delivery to you.
#####################################################################################
Other related posts:
