Monday, November 17, 2008

Event ID: 10016

Event Type: Error
Event Source: DCOM
Event Category: None
Event ID: 10016
Date: 11/17/2008
Time: 2:20:47 AM
Computer: SV021SHA003
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
to the user NT AUTHORITY\NETWORK SERVICE SID (S-1-5-20). This security permission can be modified using the Component Services administrative tool.

For more information, see Help and Support Center at

Like it is writen in the description, you have to give some permissions to the mentioned application.

1. go to "run" in the start box and run "dcomcnfg"
2. go to Console Root --> Computers --> My Computer --> DCOM Config. There you can set the permissions to a specific application.
3. Look for the application you using when the error occurs. If there is no clear text name, look for a entry with the clsid {BA126AD1-2166-11D1-B1D0-00805FC1270E} or netman. The last entries (those ones without a clear text name) are labeled by their clsid.
4. Open the properties of the concering application and go to the tab called security
5. Ok, now chose "Customize" in the "Launch and Activation Permissions" part. And go to Edit
6. Now, is there already a user called "NETWORK SERVICE"?
If yes, give that application the "local launch" and the "local activation" permission.
If no, add the user "NETWORK SERVICE" and give him the permissions mentioned above.

Note: That's a common CLSID - it's listed as "netman" in DCOM Config. That's where the error lies.

RE: EventViewer DCOM error 10016 {BA126AD1-2166-11D1-B1D0-00805FC1270E

resetting to default permissions didn't work for our server; someone else had
mentioned adding the NETWORK SERVICE account to the permissions list - that's
not possible because the server is a DC and local accounts are not available.

what now?

try this
Local Service and other well-known security principals do not appear on
your Windows Server 2003 domain controller

I had this exact same problem today. This is how I fixed it. Simply,
add the NETWORK SERVICE user account to the Distributed COM Users
group. That should fix the problem, it did for me. Best wishes...

No comments: