- Joined
- Oct 13, 2016
- Messages
- 6
- Reaction score
- 0
Event ID 10016 - DistributedCOM
- Thread starter Regedit32
- Start date
Regedit32
Moderator
- Joined
- Mar 4, 2016
- Messages
- 3,617
- Reaction score
- 1,139
Sorry for the delay in updating things.
I was trying to replicate your scenario to work out a resolution for you.
Attached is a zipped folder named: Take or Restore Ownership Scripts.zip
Inside this folder are two command scripts:
Download the zipped folder, then run a quick virus scan. Extract folder and when you are logged in with a username that belongs to the Administrative Group, right-click on the TakeOwnership.cmd script and select Run as administrator which ought to take ownership for you of the two keys I mentioned in the article.
After that make the changes you need to make with the DCOMs, then when ready you can right-click on the RestoreOwnership.cmd script and select Run as administrator to restore ownership to defaults.
Regards,
Regedit32
I was trying to replicate your scenario to work out a resolution for you.
Attached is a zipped folder named: Take or Restore Ownership Scripts.zip
Inside this folder are two command scripts:
- TakeOwnership.cmd
- RestoreOwnership.cmd
Download the zipped folder, then run a quick virus scan. Extract folder and when you are logged in with a username that belongs to the Administrative Group, right-click on the TakeOwnership.cmd script and select Run as administrator which ought to take ownership for you of the two keys I mentioned in the article.
After that make the changes you need to make with the DCOMs, then when ready you can right-click on the RestoreOwnership.cmd script and select Run as administrator to restore ownership to defaults.
Regards,
Regedit32
- Joined
- Oct 13, 2016
- Messages
- 6
- Reaction score
- 0
Hi Regedit,
wow. thanx for that fantastic support.
This makes me feel a lil bad, because I formatted my system and reinstalled win10 sunday night. I tried different things on my own, but nothing worked.
I wish i didnt, so i could try your "ownership.cmd", but i thought this was a problem which can´t be solved easily, so i decided in an act of impatience and frustration to clean all the mess up and start all over again.
But in case I get this error again - i downloaded your file and am prepared...
Once again thanks for your efforts and your support.
Regards
wow. thanx for that fantastic support.
This makes me feel a lil bad, because I formatted my system and reinstalled win10 sunday night. I tried different things on my own, but nothing worked.
I wish i didnt, so i could try your "ownership.cmd", but i thought this was a problem which can´t be solved easily, so i decided in an act of impatience and frustration to clean all the mess up and start all over again.
But in case I get this error again - i downloaded your file and am prepared...
Once again thanks for your efforts and your support.
Regards
- Joined
- Oct 30, 2016
- Messages
- 15
- Reaction score
- 0
Hi
Firstly, can I say what a fantastic article and well laid out one of the best I have seen.
I have a couple of questions and sorry if it is staring me in the face but I am struggling a little.
In step 5 tidying up by setting files back to default owner, how do you know what user had ownership?
My second is more of a problem as this is not fixing the issue I have the same CLSID and APPID Error even though I have set the permissions. See log here this keeps coming back even though I have set the permissions.
See
Also resetting permissions back does not work for this
See here reg key in question
Firstly, can I say what a fantastic article and well laid out one of the best I have seen.
I have a couple of questions and sorry if it is staring me in the face but I am struggling a little.
In step 5 tidying up by setting files back to default owner, how do you know what user had ownership?
My second is more of a problem as this is not fixing the issue I have the same CLSID and APPID Error even though I have set the permissions. See log here this keeps coming back even though I have set the permissions.
See
Also resetting permissions back does not work for this
See here reg key in question
Last edited:
- Joined
- Oct 30, 2016
- Messages
- 15
- Reaction score
- 0
I have also noticed i keep getting this error as well not sure if it is related?
If it is not i can make a separate post if required.
Log Name: System
Source: Microsoft-Windows-DistributedCOM
Date: 30/10/2016 11:54:11
Event ID: 10010
Task Category: None
Level: Error
Keywords: Classic
User: DALE-PC1\Dale
Computer: Dale-PC1
Description:
The server {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474} did not register with DCOM within the required timeout.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-DistributedCOM" Guid="{1B562E86-B7AA-4131-BADC-B6F3A001407E}" EventSourceName="DCOM" />
<EventID Qualifiers="0">10010</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x8080000000000000</Keywords>
<TimeCreated SystemTime="2016-10-30T11:54:11.788175700Z" />
<EventRecordID>18568</EventRecordID>
<Correlation />
<Execution ProcessID="8" ThreadID="9028" />
<Channel>System</Channel>
<Computer>Dale-PC1</Computer>
<Security UserID="S-1-5-21-4124590474-3230443324-182549641-1022" />
</System>
<EventData>
<Data Name="param1">{4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}</Data>
</EventData>
</Event>
If it is not i can make a separate post if required.
Log Name: System
Source: Microsoft-Windows-DistributedCOM
Date: 30/10/2016 11:54:11
Event ID: 10010
Task Category: None
Level: Error
Keywords: Classic
User: DALE-PC1\Dale
Computer: Dale-PC1
Description:
The server {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474} did not register with DCOM within the required timeout.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-DistributedCOM" Guid="{1B562E86-B7AA-4131-BADC-B6F3A001407E}" EventSourceName="DCOM" />
<EventID Qualifiers="0">10010</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x8080000000000000</Keywords>
<TimeCreated SystemTime="2016-10-30T11:54:11.788175700Z" />
<EventRecordID>18568</EventRecordID>
<Correlation />
<Execution ProcessID="8" ThreadID="9028" />
<Channel>System</Channel>
<Computer>Dale-PC1</Computer>
<Security UserID="S-1-5-21-4124590474-3230443324-182549641-1022" />
</System>
<EventData>
<Data Name="param1">{4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}</Data>
</EventData>
</Event>
- Joined
- Oct 30, 2016
- Messages
- 15
- Reaction score
- 0
I am getting 7 Identical Instances all at once
Regedit32
Moderator
- Joined
- Mar 4, 2016
- Messages
- 3,617
- Reaction score
- 1,139
Hi Dale,
Welcome to the Forum.
I'll attempt to address your questions in the order asked, one post at a time as the answers while hopefully straightforward to follow, are not short.
First, you were wondering how I knew what owned the Registry Key prior to taking ownership of it to perform the necessary editing of the DistributedCOM.
There are a number of ways to do this, the easiest of which would be to open the Registry Editor and check permissions there first before changing ownership of the specific key.
For example:
Now that is quite a lot of clicking and scrolling to locate the key you wish to identify owner of. A simpler way would be to do the following.
Finally, another giant clue is in the original Event Viewer error message:
In the red boxes you see it tells you the CLSID which is attempting to access the AppID's DistrubtedCOM has a User named System and also NT Authority\SYSYEM
The SID (S-1-5-18) is also a clue as this is unique to the SYSTEM and thus the owner must be SYSTEM for the CLSID key
In the green box we see the container's SID is unavailable. This is a clue in that generally when you see this it will be owned by the TrustedInstaller.
As this is the container SID we can also deduce this will be the owner for the AppID as the CLSID is attempting to access the DistributedCOM via its container.
You have the setacl.exe command above to confirm the owner of the AppID key.
Regards,
Regedit32
Welcome to the Forum.
I'll attempt to address your questions in the order asked, one post at a time as the answers while hopefully straightforward to follow, are not short.
First, you were wondering how I knew what owned the Registry Key prior to taking ownership of it to perform the necessary editing of the DistributedCOM.
There are a number of ways to do this, the easiest of which would be to open the Registry Editor and check permissions there first before changing ownership of the specific key.
For example:
- Press Windows key and R key together to open the Run dialog
- In the Run dialog type regedit then click OK
- When the User Account Control appears click Yes
- You'll now see the Registry Editor window appear. In its left pane click and expand to the key you wish to take ownership of. For example if we go to the AppID from article we would expand like so:
HKEY_LOCAL_MACHINE
Right-click on the key in the left pane and select Permissions to open this window:
Click the Advanced button in the window to view the following:
And now you can see in this example the owner is TrustedInstaller
— SOFTWARE
Now obviously there may be many other keys above the one we wish to change as can be seen in example image:— Classes
— AppID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
Right-click on the key in the left pane and select Permissions to open this window:
Click the Advanced button in the window to view the following:
And now you can see in this example the owner is TrustedInstaller
Now that is quite a lot of clicking and scrolling to locate the key you wish to identify owner of. A simpler way would be to do the following.
- Right-click on Start
- Left-click on Command Prompt (Admin)
- When the User Account Control appears click Yes
- Now in the Administrator: Command Prompt window type the following command:
Code:setacl.exe -on "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{F72671A9-012C-4725-9D2F-2A4D32D65169}" -ot reg -actn list
Press Enter key to execute
Sample image
You see the list command provides us the Owner which is in this example TrustedInstaller
Obviously, you would change path and key name to the one you want information on, but the four commands otherwise remain the same:
setacl.exe is needed first
-on is the command for the object name in the above example that name is the key name: {F72671A9-012C-4725-9D2F-2A4D32D65169} but you must include the FULL PATH to the object name, and this should be enclosed inside speech marks "FULL PATH to object\Object Name"
-ot is the command used to identify what the object type is. In this example the Object is a Registry key so its type is reg
-actn is the command for what action to perform on the object. In this example we chose list which provides the permission details of the reg object {F72671A9-012C-4725-9D2F-2A4D32D65169}
Finally, another giant clue is in the original Event Viewer error message:
In the red boxes you see it tells you the CLSID which is attempting to access the AppID's DistrubtedCOM has a User named System and also NT Authority\SYSYEM
The SID (S-1-5-18) is also a clue as this is unique to the SYSTEM and thus the owner must be SYSTEM for the CLSID key
In the green box we see the container's SID is unavailable. This is a clue in that generally when you see this it will be owned by the TrustedInstaller.
As this is the container SID we can also deduce this will be the owner for the AppID as the CLSID is attempting to access the DistributedCOM via its container.
You have the setacl.exe command above to confirm the owner of the AppID key.
Regards,
Regedit32
Regedit32
Moderator
- Joined
- Mar 4, 2016
- Messages
- 3,617
- Reaction score
- 1,139
For your second question you mention you are continuing to experience issues despite changing permissions for:
Now according to the error message the User DALE-PC1\Dale SID (S-1-5-21-4124590474-3230443324-182549641-1022) is unable to access Cortana via its DistrubtedCOM container (AppID {316CDED5-E4AE-4B15-9113-7055D84DCC97}) because Local Activation Permission has not been granted.
Thus the steps to take are to take ownership of both the ClSID key and the AppID key and make the owner Dale with the SID mentioned above, then grant Dale full control.
After doing that you can then open the DistributedCOM Configuration window where you will scroll down to location the Component the CLSID and AppID pointed to - in this case to save time its the Immersive Shell
Sample image
When you review the information for the AppID in the Registry you may have noticed its RunAS value is Interactive User meaning it ought to happily switch between any user on your System,be that you, the SYSTEM, or another person logged on. You'll need to ensure you set Local Activation Permissions for this Compoent for yourself and the Interactive Users if any.
Finally, in this case both the AppID and the CLSID are owned by the TrustedInstaller
In your text hyperlink you attempted to setowner for the CLSID key to SYSTEM:
SetACL.exe -on "HKEY_CLASSES_ROOT\CLSID\{C2F03A33-21F5-47FA-B4BB-156362A2F239}" -ot reg -actn setowner -ownr "n:SYSTEM"
That needs to be the TrustedInstaller in this case! Thus when resetting owner at end you need to use command:
That may be why your error persists.
If for some reason the CLSID {C2F03A33-21F5-47FA-B4BB-156362A2F239} was owned by SYSTEM prior to you taking ownership of this registry key, then there lies your issue as this must belong to the TrustedInstaller in this instance because Cortana is an infused App for Windows 10.
Regards,
Regedit32
- the CLSID {C2F03A33-21F5-47FA-B4BB-156362A2F239}
- and the AppID {316CDED5-E4AE-4B15-9113-7055D84DCC97}
Now according to the error message the User DALE-PC1\Dale SID (S-1-5-21-4124590474-3230443324-182549641-1022) is unable to access Cortana via its DistrubtedCOM container (AppID {316CDED5-E4AE-4B15-9113-7055D84DCC97}) because Local Activation Permission has not been granted.
Thus the steps to take are to take ownership of both the ClSID key and the AppID key and make the owner Dale with the SID mentioned above, then grant Dale full control.
After doing that you can then open the DistributedCOM Configuration window where you will scroll down to location the Component the CLSID and AppID pointed to - in this case to save time its the Immersive Shell
Sample image
When you review the information for the AppID in the Registry you may have noticed its RunAS value is Interactive User meaning it ought to happily switch between any user on your System,be that you, the SYSTEM, or another person logged on. You'll need to ensure you set Local Activation Permissions for this Compoent for yourself and the Interactive Users if any.
Finally, in this case both the AppID and the CLSID are owned by the TrustedInstaller
In your text hyperlink you attempted to setowner for the CLSID key to SYSTEM:
SetACL.exe -on "HKEY_CLASSES_ROOT\CLSID\{C2F03A33-21F5-47FA-B4BB-156362A2F239}" -ot reg -actn setowner -ownr "n:SYSTEM"
That needs to be the TrustedInstaller in this case! Thus when resetting owner at end you need to use command:
Code:
SetACL.exe -on "HKEY_CLASSES_ROOT\CLSID\{C2F03A33-21F5-47FA-B4BB-156362A2F239}" -ot reg -actn setowner -ownr "n:NT SERVICE\TrustedInstaller"That may be why your error persists.
If for some reason the CLSID {C2F03A33-21F5-47FA-B4BB-156362A2F239} was owned by SYSTEM prior to you taking ownership of this registry key, then there lies your issue as this must belong to the TrustedInstaller in this instance because Cortana is an infused App for Windows 10.
Regards,
Regedit32
- Joined
- Oct 30, 2016
- Messages
- 15
- Reaction score
- 0
I get this back do you think it has the wrong owner?
I have tried setting ownership as descirbed
Microsoft Windows [Version 10.0.14393]
(c) 2016 Microsoft Corporation. All rights reserved.
C:\WINDOWS\system32>setacl.exe -on "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{F72671A9-012C-4725-9D2F-2A4D32D65169}" -ot reg -actn list
machine\SOFTWARE\Classes\AppID\{F72671A9-012C-4725-9D2F-2A4D32D65169}
DACL(protected+auto_inherited):
Administrators full allow container_inherit
TrustedInstaller full allow no_inheritance
TrustedInstaller full allow container_inherit+inherit_only
SYSTEM read allow no_inheritance
SYSTEM read allow container_inherit+inherit_only
Users read allow no_inheritance
Users read allow container_inherit+inherit_only
ALL APPLICATION PACKAGES read allow no_inheritance
ALL APPLICATION PACKAGES read allow container_inherit+inherit_only
S-1-15-3-1024-1065365936-1281604716-3511738428-1654721687-432734479-3232135806-4053264122-3456934681 read allow no_inheritance
S-1-15-3-1024-1065365936-1281604716-3511738428-1654721687-432734479-3232135806-4053264122-3456934681 read allow container_inherit+inherit_only
SetACL finished successfully.
C:\WINDOWS\system32>
C:\WINDOWS\system32>setacl.exe -on "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C2F03A33-21F5-47FA-B4BB-156362A2F239}" -ot reg -actn list
machine\SOFTWARE\Classes\CLSID\{C2F03A33-21F5-47FA-B4BB-156362A2F239}
DACL(protected+auto_inherited):
Administrators full allow container_inherit
TrustedInstaller full allow no_inheritance
TrustedInstaller full allow container_inherit+inherit_only
SYSTEM read allow no_inheritance
SYSTEM read allow container_inherit+inherit_only
Users read allow no_inheritance
Users read allow container_inherit+inherit_only
ALL APPLICATION PACKAGES read allow no_inheritance
ALL APPLICATION PACKAGES read allow container_inherit+inherit_only
S-1-15-3-1024-1065365936-1281604716-3511738428-1654721687-432734479-3232135806-4053264122-3456934681 read allow no_inheritance
S-1-15-3-1024-1065365936-1281604716-3511738428-1654721687-432734479-3232135806-4053264122-3456934681 read allow container_inherit+inherit_only
SetACL finished successfully.
I have tried setting ownership as descirbed
Microsoft Windows [Version 10.0.14393]
(c) 2016 Microsoft Corporation. All rights reserved.
C:\WINDOWS\system32>setacl.exe -on "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{F72671A9-012C-4725-9D2F-2A4D32D65169}" -ot reg -actn list
machine\SOFTWARE\Classes\AppID\{F72671A9-012C-4725-9D2F-2A4D32D65169}
DACL(protected+auto_inherited):
Administrators full allow container_inherit
TrustedInstaller full allow no_inheritance
TrustedInstaller full allow container_inherit+inherit_only
SYSTEM read allow no_inheritance
SYSTEM read allow container_inherit+inherit_only
Users read allow no_inheritance
Users read allow container_inherit+inherit_only
ALL APPLICATION PACKAGES read allow no_inheritance
ALL APPLICATION PACKAGES read allow container_inherit+inherit_only
S-1-15-3-1024-1065365936-1281604716-3511738428-1654721687-432734479-3232135806-4053264122-3456934681 read allow no_inheritance
S-1-15-3-1024-1065365936-1281604716-3511738428-1654721687-432734479-3232135806-4053264122-3456934681 read allow container_inherit+inherit_only
SetACL finished successfully.
C:\WINDOWS\system32>
C:\WINDOWS\system32>setacl.exe -on "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C2F03A33-21F5-47FA-B4BB-156362A2F239}" -ot reg -actn list
machine\SOFTWARE\Classes\CLSID\{C2F03A33-21F5-47FA-B4BB-156362A2F239}
DACL(protected+auto_inherited):
Administrators full allow container_inherit
TrustedInstaller full allow no_inheritance
TrustedInstaller full allow container_inherit+inherit_only
SYSTEM read allow no_inheritance
SYSTEM read allow container_inherit+inherit_only
Users read allow no_inheritance
Users read allow container_inherit+inherit_only
ALL APPLICATION PACKAGES read allow no_inheritance
ALL APPLICATION PACKAGES read allow container_inherit+inherit_only
S-1-15-3-1024-1065365936-1281604716-3511738428-1654721687-432734479-3232135806-4053264122-3456934681 read allow no_inheritance
S-1-15-3-1024-1065365936-1281604716-3511738428-1654721687-432734479-3232135806-4053264122-3456934681 read allow container_inherit+inherit_only
SetACL finished successfully.
Last edited:
Regedit32
Moderator
- Joined
- Mar 4, 2016
- Messages
- 3,617
- Reaction score
- 1,139
No that is correct.
When you set the owner back to NT Authority\TrustedInstaller, that is the owner of the key's permissions.
With this reset the DistributedCOM settings cannot be changed until you retake ownership of the key.
However, the list command is displaying the Principals and their individual permissions.
You added the Administrators to the Principal list with Full control and as its the latest addition it appears on top of list.You can still see the only other Principal with full control next in list; that being TrustedInstaller.
If you opened Registry Editor and took a peek at Permissions > Advanced for this key you'll see its Owner is TrustedInstaller given you chose to reset ownership after modifying the component.
When you set the owner back to NT Authority\TrustedInstaller, that is the owner of the key's permissions.
With this reset the DistributedCOM settings cannot be changed until you retake ownership of the key.
However, the list command is displaying the Principals and their individual permissions.
You added the Administrators to the Principal list with Full control and as its the latest addition it appears on top of list.You can still see the only other Principal with full control next in list; that being TrustedInstaller.
If you opened Registry Editor and took a peek at Permissions > Advanced for this key you'll see its Owner is TrustedInstaller given you chose to reset ownership after modifying the component.
Regedit32
Moderator
- Joined
- Mar 4, 2016
- Messages
- 3,617
- Reaction score
- 1,139
The thing to remember here is Cortana is a work in progress and as you receive updates things will more than likely be added to Cortana as Microsoft fine tune it. it is likely thus, the Registry keys associated with it will also be modified during updates, thus some of the changes you have made thus far, could be reset during a windows update.
- Joined
- Oct 30, 2016
- Messages
- 15
- Reaction score
- 0
How can i tell if everything is back as it should be ?
With the correct owners ?
I will monitor my Event Log to see if i get nay more errors.
Very strange all day yesterday this error never showed so i thought it has sorted itself.
But when i checked this morning it was back again
Regedit32
Moderator
- Joined
- Mar 4, 2016
- Messages
- 3,617
- Reaction score
- 1,139
You can check by opening Registry Editor and checking Permissions > Advanced as earlier explained, or by using that List with setacl.exe command to confirm the principals with full control.
In your case it is correct based on your previous post.
In your case it is correct based on your previous post.
- Joined
- Oct 30, 2016
- Messages
- 15
- Reaction score
- 0
- Joined
- Oct 30, 2016
- Messages
- 15
- Reaction score
- 0
HI Regedit32
Been no errors for 2 days but today i have just got this
Log Name: System
Source: Microsoft-Windows-DistributedCOM
Date: 04/11/2016 14:38:59
Event ID: 10016
Task Category: None
Level: Error
Keywords: Classic
User: DALE-PC1\Dale
Computer: Dale-PC1
Description:
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
and APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
to the user DALE-PC1\Dale SID (S-1-5-21-4124590474-3230443324-182549641-1022) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). This security permission can be modified using the Component Services administrative tool.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-DistributedCOM" Guid="{1B562E86-B7AA-4131-BADC-B6F3A001407E}" EventSourceName="DCOM" />
<EventID Qualifiers="0">10016</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x8080000000000000</Keywords>
<TimeCreated SystemTime="2016-11-04T14:38:59.119180700Z" />
<EventRecordID>19456</EventRecordID>
<Correlation />
<Execution ProcessID="724" ThreadID="15776" />
<Channel>System</Channel>
<Computer>Dale-PC1</Computer>
<Security UserID="S-1-5-21-4124590474-3230443324-182549641-1022" />
</System>
<EventData>
<Data Name="param1">application-specific</Data>
<Data Name="param2">Local</Data>
<Data Name="param3">Activation</Data>
<Data Name="param4">{C2F03A33-21F5-47FA-B4BB-156362A2F239}</Data>
<Data Name="param5">{316CDED5-E4AE-4B15-9113-7055D84DCC97}</Data>
<Data Name="param6">DALE-PC1</Data>
<Data Name="param7">Dale</Data>
<Data Name="param8">S-1-5-21-4124590474-3230443324-182549641-1022</Data>
<Data Name="param9">LocalHost (Using LRPC)</Data>
<Data Name="param10">Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy</Data>
<Data Name="param11">S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742</Data>
</EventData>
</Event>
Been no errors for 2 days but today i have just got this
Log Name: System
Source: Microsoft-Windows-DistributedCOM
Date: 04/11/2016 14:38:59
Event ID: 10016
Task Category: None
Level: Error
Keywords: Classic
User: DALE-PC1\Dale
Computer: Dale-PC1
Description:
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
and APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
to the user DALE-PC1\Dale SID (S-1-5-21-4124590474-3230443324-182549641-1022) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). This security permission can be modified using the Component Services administrative tool.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-DistributedCOM" Guid="{1B562E86-B7AA-4131-BADC-B6F3A001407E}" EventSourceName="DCOM" />
<EventID Qualifiers="0">10016</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x8080000000000000</Keywords>
<TimeCreated SystemTime="2016-11-04T14:38:59.119180700Z" />
<EventRecordID>19456</EventRecordID>
<Correlation />
<Execution ProcessID="724" ThreadID="15776" />
<Channel>System</Channel>
<Computer>Dale-PC1</Computer>
<Security UserID="S-1-5-21-4124590474-3230443324-182549641-1022" />
</System>
<EventData>
<Data Name="param1">application-specific</Data>
<Data Name="param2">Local</Data>
<Data Name="param3">Activation</Data>
<Data Name="param4">{C2F03A33-21F5-47FA-B4BB-156362A2F239}</Data>
<Data Name="param5">{316CDED5-E4AE-4B15-9113-7055D84DCC97}</Data>
<Data Name="param6">DALE-PC1</Data>
<Data Name="param7">Dale</Data>
<Data Name="param8">S-1-5-21-4124590474-3230443324-182549641-1022</Data>
<Data Name="param9">LocalHost (Using LRPC)</Data>
<Data Name="param10">Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy</Data>
<Data Name="param11">S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742</Data>
</EventData>
</Event>
- Joined
- Oct 13, 2016
- Messages
- 6
- Reaction score
- 0
Hi REgedit32,
its me again. :-/
I´ve been safe for that DCOM Error after my fresh clean install for a while now.
But since a few days, i have the same problem again. I think, it might happened after installing some MSI Tools.
So it´s the same problem with the same reg-key like last time and the same you mentioned in your post.
And guess what, the same problem with the last promt :
SetACL.exe -on "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{F72671A9-012C-4725-9D2F-2A4D32D65169}" -ot reg -actn ace -ace "n:Administrators;p:full"
so i downloaded your "Take ownership or restore...." Program and run it as Admin.
have this error Message.
After going to the dcom configuration, i´m still not able to manipulate the entries...
any ideas?
P.S. i deinstalled the MSI Programs, but this didn´t seem to help either...
regards
- Joined
- Oct 13, 2016
- Messages
- 6
- Reaction score
- 0
Hey Guys,
it seems, that i solved the problem.
I used a tool called "RegOwnershipEX from "Winaero".
With that tool, i could manipulate the DCOM entries.
The Error hasn´t shown up since then.
Hope that will help someone, who has the same problem.
Cheers !
Musicman
it seems, that i solved the problem.
I used a tool called "RegOwnershipEX from "Winaero".
With that tool, i could manipulate the DCOM entries.
The Error hasn´t shown up since then.
Hope that will help someone, who has the same problem.
Cheers !
Musicman
- Joined
- Aug 10, 2015
- Messages
- 2
- Reaction score
- 0
There is one persistent component which fails to register;
The server {21F282D1-A881-49E1-9A3A-26E44E39B86C} did not register with DCOM within the required timeout.
this is linked to this service:
It is not possible to fix because it is not listed in component services.
trying to fix/disable the service only regenerates a new CDP service on reboot with a different suffix i.e._e6061
this looks like and probably is bug but it is highly irritating because I could get loads of events a day for this component.
The server {21F282D1-A881-49E1-9A3A-26E44E39B86C} did not register with DCOM within the required timeout.
this is linked to this service:
It is not possible to fix because it is not listed in component services.
trying to fix/disable the service only regenerates a new CDP service on reboot with a different suffix i.e._e6061
this looks like and probably is bug but it is highly irritating because I could get loads of events a day for this component.
- Joined
- Oct 24, 2016
- Messages
- 167
- Reaction score
- 27
Hello Regedit32,
I took ownership of the keys that were causing DistributedCOM error 10016 last night, by following your instruction using the Registry.
Even though I had taken ownership, the DistributedCOM 10016 were back this morning !??
And it was the very same keys.
So, I went in the Registry, checked the ownership, and everything was OK.
Do you have any idea why I still get this error ?
Thank You for your answer
Sorry for the bad English, I'm French !
Have a Nice Day
I took ownership of the keys that were causing DistributedCOM error 10016 last night, by following your instruction using the Registry.
Even though I had taken ownership, the DistributedCOM 10016 were back this morning !??
And it was the very same keys.
So, I went in the Registry, checked the ownership, and everything was OK.
Do you have any idea why I still get this error ?
Thank You for your answer
Sorry for the bad English, I'm French !
Have a Nice Day