[THIN] Re: DCOM 10016 Error - The machine-default permission settings do not grant Remote Activation permission for the COM Server application
- From: IT Support <it@xxxxxxxxxxxx>
- To: "thin@xxxxxxxxxxxxx" <thin@xxxxxxxxxxxxx>
- Date: Fri, 16 Jan 2009 08:41:17 +0000
Hi Jim,
I did this as the domain administrator - ie opening up dcomcnfg and literally
expanding each node until it errored.
The only error it came back with related to acrobat reader PDFShellInfo which
was not recorded.
Needless to say this hasn't fixed my issue.
The strange thing is that these issues go away when I manually stop and start
the Citrix IMA Service - until the next [daily] reboot.....
Regards
Nik
IT Services Manager
From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of
Jim Kenzig http://thin.ms
Sent: 15 January 2009 15:28
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: DCOM 10016 Error - The machine-default permission settings
do not grant Remote Activation permission for the COM Server application
Did you try opening dcomcnfg and click on and go through each of the components
to see if any of them came up in error? It will usually fix ones it finds that
are.
Jim Kenzig
Blog: http://www.techblink.com
On Thu, Jan 15, 2009 at 10:02 AM, IT Support
<it@xxxxxxxxxxxx<mailto:it@xxxxxxxxxxxx>> wrote:
I implemented everything below and ran the script, but my original issue is
still there every day until I restart the IMA Service.
Damn!
Regards
Nik
IT Services Manager
From: thin-bounce@xxxxxxxxxxxxx<mailto:thin-bounce@xxxxxxxxxxxxx>
[mailto:thin-bounce@xxxxxxxxxxxxx<mailto:thin-bounce@xxxxxxxxxxxxx>] On Behalf
Of IT Support
Sent: 14 January 2009 15:15
To: thin@xxxxxxxxxxxxx<mailto:thin@xxxxxxxxxxxxx>
Subject: [THIN] Re: DCOM 10016 Error - The machine-default permission settings
do not grant Remote Activation permission for the COM Server application
Thanks very much.
I've run the script + restarted the IMA service & the errors have gone.
Hopefully they won't come back again....
N
Nik
From: thin-bounce@xxxxxxxxxxxxx<mailto:thin-bounce@xxxxxxxxxxxxx>
[mailto:thin-bounce@xxxxxxxxxxxxx<mailto:thin-bounce@xxxxxxxxxxxxx>] On Behalf
Of Jeremy Saunders
Sent: 14 January 2009 14:28
To: thin@xxxxxxxxxxxxx<mailto:thin@xxxxxxxxxxxxx>
Subject: [THIN] Re: DCOM 10016 Error - The machine-default permission settings
do not grant Remote Activation permission for the COM Server application
No Probs....I think there are two different versions of dcomperm.exe around.
You can download my scripts including the working dcomperm.exe from here:
http://www.jhouseconsulting.com/downloads/dcomperm.zip
The script should be well documented for you to follow J
Cheers,
Jeremy.
From: thin-bounce@xxxxxxxxxxxxx<mailto:thin-bounce@xxxxxxxxxxxxx>
[mailto:thin-bounce@xxxxxxxxxxxxx<mailto:thin-bounce@xxxxxxxxxxxxx>] On Behalf
Of IT Support
Sent: Wednesday, January 14, 2009 11:01 PM
To: thin@xxxxxxxxxxxxx<mailto:thin@xxxxxxxxxxxxx>
Subject: [THIN] Re: DCOM 10016 Error - The machine-default permission settings
do not grant Remote Activation permission for the COM Server application
Thanks for this great response but I'm not following your statement about
setting permissions on the CDF. Can you clarify further?
I've downloaded a version of dcomperm.exe but it is "unable to run on this
system".
Cheers.
N.
Nik
From: thin-bounce@xxxxxxxxxxxxx<mailto:thin-bounce@xxxxxxxxxxxxx>
[mailto:thin-bounce@xxxxxxxxxxxxx<mailto:thin-bounce@xxxxxxxxxxxxx>] On Behalf
Of Jeremy Saunders
Sent: 13 January 2009 00:59
To: thin@xxxxxxxxxxxxx<mailto:thin@xxxxxxxxxxxxx>
Subject: [THIN] Re: DCOM 10016 Error - The machine-default permission settings
do not grant Remote Activation permission for the COM Server application
The errors you get will be related to the COM Plus components and DCOM
permissions on the CDF service.
Firstly, ensure you have the COM Plus network access installed as per Citrix KB
article CTX112853
Secondly, set the correct permissions on the Citrix Diagnostic Facility (CDF).
I have a script that automates this as the server builds. It simply uses a
utility called dcomperm.exe to give members of the "Distributed COM Users" the
ability to local launch, local activate, remote launch and remote activate the
DCOM objects.
Thirdly, add the Citrix/Server administrators groups to the local "Distributed
COM Users" group.
Fourthly, if you are using Custom admins, ensure they have "view" permissions
on objects such as "View My Knowledge Configuration", as this will also cause
some AMC permission issues.
Once you've made these changes, the DCOM errors you are seeing will be a thing
of the past.
Cheers,
Jeremy.
From: thin-bounce@xxxxxxxxxxxxx<mailto:thin-bounce@xxxxxxxxxxxxx>
[mailto:thin-bounce@xxxxxxxxxxxxx<mailto:thin-bounce@xxxxxxxxxxxxx>] On Behalf
Of IT Support
Sent: Monday, January 12, 2009 7:18 PM
To: 'thin@xxxxxxxxxxxxx<mailto:thin@xxxxxxxxxxxxx>'
Subject: [THIN] Re: DCOM 10016 Error - The machine-default permission settings
do not grant Remote Activation permission for the COM Server application
Further to this -
We are also getting the error below in the logs, and errors enumerating the
Citrix Access Management Console.
This seems to happen on reboot, and persists until we manually restart the IMA
Service on the affected servers.
Any ideas?
N
Event Type: Error
Event Source: DCOM
Event Category: None
Event ID: 10006
Date: 12/01/2009
Time: 10:02:00
User: N/A
Computer: CITRIX1
Description:
DCOM got error "General access denied error " from the computer CITRIX2 when
attempting to activate the server:
{DB192ECC-CCBC-4A97-8121-B2FB89FE77C2}
From: thin-bounce@xxxxxxxxxxxxx<mailto:thin-bounce@xxxxxxxxxxxxx>
[mailto:thin-bounce@xxxxxxxxxxxxx<mailto:thin-bounce@xxxxxxxxxxxxx>] On Behalf
Of IT Support
Sent: 08 January 2009 08:34
To: 'thin@xxxxxxxxxxxxx<mailto:thin@xxxxxxxxxxxxx>'
Subject: [THIN] DCOM 10016 Error - The machine-default permission settings do
not grant Remote Activation permission for the COM Server application
Hi All,
We're getting DCOM 10016 errors every time a citrix admin users the Citrix
Access Management console on all our citrix servers as below:
Before I start hacking away at DCOM config permissions, does anyone know of a
recommended citrix fix?
Cheers.
N
Event Type: Error
Event Source: DCOM
Event Category: None
Event ID: 10016
Date: 07/01/2009
Time: 12:20:09
User: DOMAIN\user.name<http://user.name>
Computer: CITRIX1
Description:
The machine-default permission settings do not grant Remote Activation
permission for the COM Server application with CLSID
{DB192ECC-CCBC-4A97-8121-B2FB89FE77C2}
to the user DOMAIN\user.name<http://user.name> SID
(S-1-5-21-1708537768-1844237615-1177238915-1249). This security permission can
be modified using the Component Services administrative tool.
BM Polyco Ltd Disclaimer
This e-mail and the information it contains are confidential. If you have
received this message in error please notify us immediately. You should not use
or copy it for any purpose nor disclose its contents to any other party. The
contents of this communication are advisory and are not binding on the Company
unless supported by authorised documentation.
It has also passed through the MailControl Anti-Virus service powered by
BlackSpider for total peace of mind.
Click here<https://www.mailcontrol.com/sr/wQw0zmjPoHdJTZGyOCrrhg==> to report
this email as spam.
________________________________
Confidentiality and Privilege Notice
This document is intended solely for the named addressee. The information
contained in the pages is confidential and contains legally privileged
information. If you are not the addressee indicated in this message (or
responsible for delivery of the message to such person), you may not copy or
deliver this message to anyone, and you should destroy this message and kindly
notify the sender by reply email. Confidentiality and legal privilege are not
waived or lost by reason of mistaken delivery to you.
________________________________
________________________________
Confidentiality and Privilege Notice
This document is intended solely for the named addressee. The information
contained in the pages is confidential and contains legally privileged
information. If you are not the addressee indicated in this message (or
responsible for delivery of the message to such person), you may not copy or
deliver this message to anyone, and you should destroy this message and kindly
notify the sender by reply email. Confidentiality and legal privilege are not
waived or lost by reason of mistaken delivery to you.
________________________________
Other related posts:
