Hi, I came across to one issue regarding my Server Windows 2003 with Service Pack 2 hosting our SCCM Server 2007 R3 Primary site Server, in the Same Server Database is also in it, IIS and MS Forefront Endpoint Protection 2010 Server. The issue is in the Event Viewer, Systems I keep on seeing Event ID: 10016, Event Type: Error Event Source: DCOM Event Category: None Event ID: 10016 Date: 1/16/2012 Time: 3:16:55 PM User: NT AUTHORITY\LOCAL SERVICE Computer: CONTOSO Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {2B8EEDF8-21D2-51CD-8926-C31D2ED3E278} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19). This security permission can be modified using the Component Services administrative tool. For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp. ============================ I tried to follow the suggested solution from Microsoft: http://www.microsoft.com/technet/support/ee/transform.aspx?ProdName=Windows+Operating+System&ProdVer=5.2&EvtID=10016&EvtSrc=DCOM&LCID=1033 But unfortunately I was stuck on the 6th procedure which requires locating friendly name in the DCOM. ............ Explanation A program, the Clsid displayed in the message, tried to start the DCOM server by using the DCOM infrastructure. Based on the security ID (SID), this user does not have the necessary permissions to start the DCOM server. User Action Verify that the user has the appropriate permissions to start the DCOM server. To assign permissions 1. Using Regedit, navigate to the following registry value HKCR\Clsid\clsid value\localserver32 The clsid value is the information displayed in the message. In my case I have HKCR\Clsid\{2B8EEDF8-21D2-51CD-8926-C31D2ED3E278}\localserver32 (Done) 2. In the right pane, double-click Default. The Edit String dialog box is displayed. Leave this dialog box open. (Done) 3. Click Start, and then click Control Panel. (Done) 4. Double-click Administrative Tools, and then double-click Component Services. (Done) 5. In the Component Services snap-in, expand Computers, expand My Computer, and double-click DCOM Config. (Done) 6. In the right pane, locate the program by using its friendly name.(In this procedure I am stuck, the issue is I cannot find the Friendly Name for the Application) 7. Right-click the program name, and then select Properties. 8. On the Security tab, in the Launch and Activation Permissions group box, select Customize, and then click Edit. Add the user to the permissions list, and give the user the appropriate permissions. If anyone can assist me on this issue it is highly appreciated. Regards,

did you perform the steps given above ? do you have any issues with SCCM functionality with this error ? this is more of windows server related issue http://social.technet.microsoft.com/Forums/en/category/windowsserver/ ,you can make use of it have you performed the steps given here on http://support.microsoft.com/kb/899965 Please click on "vote as Helpful" if you feel this post helpful to you. Eswar Koneti | My Tech blog: eskonr.com | Linkedin: Eswar Koneti

did you perform the steps given above ? do you have any issues with SCCM functionality with this error ? this is more of windows server related issue http://social.technet.microsoft.com/Forums/en/category/windowsserver/ ,you can make use of it have you performed the steps given here on http://support.microsoft.com/kb/899965 Please click on "vote as Helpful" if you feel this post helpful to you. Eswar Koneti | My Tech blog: eskonr.com | Linkedin: Eswar Koneti Eswar, Thank you for your reply please see below reply on my side: For SCCM Functionality, I need to check one by one but so far no reports from other System Adminstartors regarding deployment, I will check reports, Patch management section which will take time. Second I believed the link you have provided is for Windows XP Professional x64 Edition, however I also checked the procedure and settings compare to what I have. ..... as suggested on the Link from Microsoft the one you have provided: Grant the user permissions to start the COM component <script type="text/javascript">// <![CDATA[ loadTOCNode(2, 'resolution'); // ]]></script> Grant the user permissions to start the COM component. To do this, follow these steps: Click Start, click Run, type regedit in the Open box, and then click OK.(Done) Locate and then click the following registry subkey: HKEY_CLASSES_ROOT\CLSID\CLSID value Note In this subkey, "CLSID value" is a placeholder for the CLSID information that appears in the message.(Done) In the right pane, double-click AppID.(Done) The Edit String dialog box appears. Leave this dialog box open and continue to the next step. Click Start, click Run, type dcomcnfg in the Open box, and then click OK. If a Windows Security Alert message prompts you to keep blocking the Microsoft Management Console program, click to unblock the program.(Checked but Not required in my situation) In Component Services, double-click Component Services, double-click Computers, double-click My Computer, and then click DCOM Config.(Done) In the details pane, locate the program by using the friendly name. If the AppGUID identifier is listed instead of the friendly name, locate the program by using this identifier.(Once Again in this procedure I am stuck, the issue is I cannot find the Friendly Name for the Application even using the details in AppGUID) Right-click the program, and then click Properties. Click the Security tab. In the Launch and Activation Permissions area, click Customize, and then click Edit. Click Add, type the user's account name, and then click OK. While the user is selected, click to select the Allow check boxes for the following items: Local Launch Remote Launch Local Activation Remote Activation Click OK two times. Quit Registry Editor. Back to the top Grant the correct permissions to the Network Service account <script type="text/javascript">// <![CDATA[ loadTOCNode(2, 'resolution'); // ]]></script> To grant the correct permissions to the Network Service account, follow these steps: Click Start, click Run, type dcomcnfg in the Open box, and then click OK.(Done) In Component Services, double-click Component Services, and then double-click Computers.(Done) Right-click My Computer, and then click Properties. (Done) Click the COM Security tab.(Done) In the Launch and Activation Permissions area, click Edit Default.(Done) Click Add, type Network Service, and then click OK.(Done) While Network Service is selected, click to select the Allow check boxes for the following items:(Checked but Not required in my situation, my Event Log says the permission should be set for Local Service however I also checled and the Allo box for the below settings are with checked already) Local Launch Remote Launch Local Activation Remote Activation Click OK two times. Any other suggestions?

If the AppGUID identifier is listed instead of the friendly name, locate the program by using this identifier.(Once Again in this procedure I am stuck, the issue is I cannot find the Friendly Name for the Application even using the details in AppGUID) This is SMS Agent HostAndre van den Berg