DistributedCOM DC Server Event ID 10016 DCDIAG Error [Fixed]

DistributedCOM DC Server Event ID 10016 DCDIAG Error [Fixed] Leave a comment

Gadgets

Read this information to learn to repair the dcdiag error message, “The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID” Event ID 10016 error.

Step 0: Review the Problem Background and Overview

I lately promoted a Windows Server 2019 Server as an extra DC in a site. After selling the server, I accomplished the next duties:

  1. Confirmed that the server was added to its AD web site
  2. Ran “repadmin /kcc” and verified {that a} replication connection was mechanically generated.
  3. Verified that the server’s subnet is related to its native AD web site.

Finally, to make sure that there have been no replication errors, I ran dcdiag (hyperlink opens in a brand new browser tab) and piped the outcome to a textual content file. When I reviewed the file, I discovered that the server failed the SystemLog check.

Further evaluate of the dcsdiag file signifies that an occasion log was logged with the next particulars: “The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID.”

The supply of this occasion within the System occasion log is DistributedCOM, with an Event ID of 10016. The error particulars are within the screenshot under.

I’ve defined the steps I took to repair the error message within the remaining sections of this text.

The first two steps under contain enhancing the Windows registry. As this will likely break your server, it’s strongly really useful to take a snapshot of your server if it’s a VM or again the server up if it’s a bodily server.

Step 1: Change the Ownership of the CLSID Registry Keys

  1. Get the offending software’s CLSID from the occasion error log. This is the sting of values subsequent to the CLSID within the occasion error log. I’ve highlighted the applying’s CLSID ID within the screenshot under:
Get the offending application's CLSID from the event error log. This is the sting of values next to the CLSID in the event error log. I have highlighted the application's CLSID ID in the screenshot below:
  1. Search for and open Regedit. Then, navigate to HKEY_Classes_RootCLSID<the CLSID string from 1 above>.

Since there are such a lot of registry keys within the “HKEY_Classes_RootCLSID” registry path, one of the simplest ways to find the important thing you want is to repeat the important thing from the occasion log, paste it after “” on the and press the enter key.

Since there are so many registry keys in the "HKEY_Classes_RootCLSID" registry path, the best way to locate the key you need is to copy the key from the event log, paste it after "" on the and press the enter key.
  1. Right-click the registry key and select permissions.
Right-click the registry key and choose permissions.
  1. After that, click on the Advanced button within the registry key’s permission properties web page, then click on the Change button subsequent to the Owner.
After that, click the Advanced button in the registry key's permission properties page, then click the Change button next to the Owner.
  1. Then, enter Administrators within the Enter the thing names to pick out field and click on Check Names > OK.
Then, enter Administrators in the Enter the object names to select box and click Check Names > OK.
  1. Finally, verify the Replace house owners on sub containers and objects checkbox and click on OK.
  1. Finally, grant the Administrators group Full Control and click on OK to shut the registry key’s permissions properties window. Do not shut the registry editor but, as you’ll need to in Step 3 under.
Finally, grant the Administrators group Full Control and click OK to close the registry key's permissions properties window. Do not close the registry editor yet, as you will need to in Step 3 below.

Step 3: Change the Ownership of the APPID Registry Keys

  1. Get the offending software’s APPID from the occasion error log. See mine within the screenshot under.
Get the offending application's APPID from the event error log. See mine in the screenshot below.
  1. Back within the registry editor, navigate to KEY_LocalMachineSoftwareClassesAppID registry key, enter the identify of the APPID out of your occasion log on the finish of the above path, and press enter.
Back in the registry editor, navigate to KEY_LocalMachineSoftwareClassesAppID registry key, enter the name of the APPID from your event log at the end of the above path, and press enter.
  1. Right-click the APPID’s registry key and select Permissions. Then, repeat steps 4, 5, 6, and seven of the final part to make the Domain Administrators group the registry key proprietor—keep in mind to grant the Administrators group Full Control.
Right-click the APPID's registry key and choose Permissions. Then, repeat steps 4, 5, and 6 of the last section to make the Domain Administrators' group the owner of the registry key.
  1. Close the registry editor.
  1. Search for and open administrative Tools. Then, find and open the element providers – you may seek for it.
Search for and open administrative Tools. Then, locate and open the component services - you can search for it
  1. Then, develop Component providers > Computer > My Computer and click on DCOM Config.
Then, expand Component services > Computer > My Computer and click DCOM Config.
  1. After that, develop DCOM Config, search for the corresponding service within the error viewer, right-click on it, after which select Properties.

If you obtain the warning message within the screenshot under, choose Yes. The app IDs that start with “{” might be towards the top, so you will need to scroll down the DCOM Config checklist to see the one you’re in search of.

If you receive the warning message in the screenshot below, select Yes.
After that, expand DCOM Config, look for the corresponding
After that, expand DCOM Config and look for the corresponding service in the error viewer, right-click on it, and then choose Properties.
  1. On the Properties window, choose the Security tab, then within the Access Permission part, choose Customize, then click on the Edit button.
On the Properties window, select the Security tab, then in the Access Permission section, select Customize, then click the Edit button.
  1. After that, click on the Add button.
After that, click the Add button. Then, in the Enter the object name to select field, enter Local Service, click Check Names, and OK.
  1. Then, click on the Locations button subsequent to From this location, choose the identify of the native server and click on OK.
Then, click the Locations button next to From this location, select the name of the local server and click OK.
  1. After that, within the Enter the thing identify to pick out subject, enter the identify of the account displayed within the occasion log error (NT SERVICEOCAUM) see the primary screenshot under) – then, click on Check Names, and OK.
After that, in the Enter the object name to select field, enter the name of the account displayed in the event log error (NT SERVICEOCAUM
After that, in the Enter the object name to select field, enter the name of the account displayed in the event log error (NT SERVICEOCAUM, see the screenshot below) then, click Check Names, and OK.
  1. Finally, grant the account Local and Remote entry, then click on OK and OK.
Finally, grant the account Local and Remote access, then click OK, and OK.
Finally, confirm that the Local Service is granted Full Control, then click OK, and OK.

Step 5: Rerun DCDIAG to Confirm that the SystemLog Test Passed

  1. Clear the System occasion log by right-clicking it and selecting Clear log. Save a duplicate of the log within the course of should you require it for additional troubleshooting.
Clear the System event log by right-clicking it and choosing Clear log. Save a copy of the log in the process if you require it for further troubleshooting.
  1. After that, rerun dcdiag to substantiate that the SystemLog check handed.

Conclusion

Fixing the “The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID” Event ID 10016 error is so simple as granting the account within the occasion log error permission to the COM Server software.

In this “fix it” information, I walked you thru the steps to finish this activity utilizing a real-life error I encountered after selling a Windows Server 2019 server to a DC.

I hope this text met your expectations. Let me know by responding to our “Was this page helpful?” request under.

Leave a Reply

Amazon Disclosure
This site is a participant in the amazon services LLC associates program, an affiliate advertising program designed to provide a means for sites to earn advertising fees by advertising and linking to amazon.com. amazon, the amazon logo, amazon supply, and the amazon supply logo are trademarks of amazon.com, inc. or its affiliates. as an amazon associate, we earn affiliate commissions from qualifying purchases.
© Copyright - All Rights Reserved