Monday, January 12, 2009

[THIN] Re: DCOM 10016 Error - The machine-default permission settings do not grant Remote Activation permission for the COM Server application

The errors you get will be related to the COM Plus components and DCOM permissions on the CDF service.

 

Firstly, ensure you have the COM Plus network access installed as per Citrix KB article CTX112853

 

Secondly, set the correct permissions on the Citrix Diagnostic Facility (CDF). I have a script that automates this as the server builds. It simply uses a utility called dcomperm.exe to give members of the "Distributed COM Users" the ability to local launch, local activate, remote launch and remote activate the DCOM objects.

 

Thirdly, add the Citrix/Server administrators groups to the local "Distributed COM Users" group.

 

Fourthly, if you are using Custom admins, ensure they have “view” permissions on objects such as  “View My Knowledge Configuration”, as this will also cause some AMC permission issues.

 

Once you’ve made these changes, the DCOM errors you are seeing will be a thing of the past.

 

Cheers,

Jeremy.

 

From: thin-bounce@freelists.org [mailto:thin-bounce@freelists.org] On Behalf Of IT Support
Sent: Monday, January 12, 2009 7:18 PM
To: 'thin@freelists.org'
Subject: [THIN] Re: DCOM 10016 Error - The machine-default permission settings do not grant Remote Activation permission for the COM Server application

 

Further to this –

We are also getting the error below in the logs, and errors enumerating the Citrix Access Management Console.

This seems to happen on reboot, and persists until we manually restart the IMA Service on the affected servers.

Any ideas?

N

 

 

Event Type:     Error

Event Source:  DCOM

Event Category:          None

Event ID:        10006

Date:               12/01/2009

Time:               10:02:00

User:                N/A

Computer:       CITRIX1

Description:

DCOM got error "General access denied error " from the computer CITRIX2 when attempting to activate the server:

{DB192ECC-CCBC-4A97-8121-B2FB89FE77C2}

 

 

 

 

From: thin-bounce@freelists.org [mailto:thin-bounce@freelists.org] On Behalf Of IT Support
Sent: 08 January 2009 08:34
To: 'thin@freelists.org'
Subject: [THIN] DCOM 10016 Error - The machine-default permission settings do not grant Remote Activation permission for the COM Server application

 

Hi All,

 

We’re getting DCOM 10016 errors every time a citrix admin users the Citrix Access Management console on all our citrix servers as below:

 

Before I start hacking away at DCOM config permissions, does anyone know of a recommended citrix fix?

 

Cheers.

 

N

 

 

Event Type:        Error

Event Source:    DCOM

Event Category:                None

Event ID:              10016

Date:                     07/01/2009

Time:                     12:20:09

User:                     DOMAIN\user.name

Computer:          CITRIX1

Description:

The machine-default permission settings do not grant Remote Activation permission for the COM Server application with CLSID

{DB192ECC-CCBC-4A97-8121-B2FB89FE77C2}

 to the user DOMAIN\user.name SID (S-1-5-21-1708537768-1844237615-1177238915-1249).  This security permission can be modified using the Component Services administrative tool.

 

 

 

 

BM Polyco Ltd Disclaimer
This e-mail and the information it contains are confidential. If you have received this message in error please notify us immediately. You should not use or copy it for any purpose nor disclose its contents to any other party. The contents of this communication are advisory and are not binding on the Company unless supported by authorised documentation.
It has also passed through the MailControl Anti-Virus service powered by BlackSpider for total peace of mind. 

 

Click here to report this email as spam.


Confidentiality and Privilege Notice
This document is intended solely for the named addressee.  The information contained in the pages is confidential and contains legally privileged information. If you are not the addressee indicated in this message (or responsible for delivery of the message to such person), you may not copy or deliver this message to anyone, and you should destroy this message and kindly notify the sender by reply email. Confidentiality and legal privilege are not waived or lost by reason of mistaken delivery to you.

No comments: