Tuesday, July 11, 2017

Default Permissions Issues in Server 2016

* This article published in a hurry, will tidy later *

 This error:

 Log Name:      System
Source:        Microsoft-Windows-DistributedCOM
Date:          7/11/2017 9:04:32 AM
Event ID:      10016
Task Category: None
Level:         Error
Keywords:      Classic
User:          SYSTEM
Computer:      SL2TDC4.MyDomain.ORG
Description:
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 and APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

 So this is a permissions issue related to the 'Connected Devices Platform' and can cause the NIC to fail during Windows updates. Here is now to fix:



  • Open REGEDIT navigate to HKEY_CLASSES_ROOT\CLSID\{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
  • Right-Click, select permissions
  • Click Advanced
  • Change Ownership to Administrators
  • Check the "replace all child object permissions entries with inheritable permissions from this object' checkbox
  • Click OK
  • Click YES
  • Edit permissions to provide Administrators FULL CONTROL if it is not already set.
  • Now go to HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{F72671A9-012C-4725-9D2F-2A4D32D65169}
  • Right-Click, select permissions
  • Click Advanced
  • Change Ownership to Administrators
  • Check the "replace owner on subcontainers and objects' checkbox
  • Click OK
  • Click YES
  • Edit permissions to provide Administrators FULL CONTROL if it is not already set.

  • Next, run COMEXP from an admin cmd prompt
  • Navigate down to Component Services\My Computer\DCOM Config\{F72671A9-012C-4725-9D2F-2A4D32D65169}
  • Right-Click select properties then the Security tab
  • Select Customize on the 'Launch and Activation Permissions'
  • Select Edit
  • Add Local Service from the local SAM
  • Check 'Local Activation'
  • OK, OK
  • Reboot
Repeat for all instances of EventID 10016 (System Event Log)

Connected Devices Platform (NIC Disconnects)
CLSID  {8D8F4F83-3594-4F07-8369-FC3C3CAE4919}

APPID  {F72671A9-012C-4725-9D2F-2A4D32D65169}

 RuntimeBroker (Memory Leak)
CLSID  {D63B10C5-BB46-4990-A94F-E40B9D520160}

APPID  {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}





No comments:

Post a Comment

Subscribe to: Post Comments (Atom)