COMRuntime 18210 and 18209 errors on Server 2008 R2
Hi everyone,
Having a problem with a 2008 R2 server that apparently out of the blue has started reporting COMRuntime errors. Although I'm certain it's a change from elsewhere, I'm having a huge problem tracking it down, as the obvious things - setting the security defaults - haven't solved it, and trying to find more info is a bit of a problem; a lot of the Google results are populated with fixyourregistrynowtool crap as opposed to helpful info.
Here's the usual batch of errors:
COMRuntime 18209
The machine-default permission settings do not grant Local access permission to the COM Server application C:\Windows\system32\svchost.exe with APPID
Unavailable
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
COMRuntime 18210
The application-specific permission settings do not grant Local access permission to the COM Server application C:\Windows\system32\DFSRs.exe with APPID
Unavailable
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC). The application set this security permission programmatically; to modify this security permission contact the application vendor.
The application-specific permission settings do not grant Local access permission to the COM Server application C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe with APPID
Unavailable
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC). The application set this security permission programmatically; to modify this security permission contact the application vendor.
The application-specific permission settings do not grant Local access permission to the COM Server application C:\Windows\system32\svchost.exe with APPID
Unavailable
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC). The application set this security permission programmatically; to modify this security permission contact the application vendor.
The application-specific permission settings do not grant Local access permission to the COM Server application C:\Windows\system32\iashost.exe with APPID
{48DA6741-1BF0-4A44-8325-293086C79077}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
The application-specific permission settings do not grant Local access permission to the COM Server application C:\Windows\system32\lsass.exe with APPID
Unavailable
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC). The application set this security permission programmatically; to modify this security permission contact the application vendor.
The security settings (Component Services -> Computers -> My Computer | Properties) on the Default Properties tab were: Enable DCOM ticked, Enable COM Internet Services unticked, Default Authentication Level set to Connect, Default Impersonation Level set to Identify (not set to impersonate for testing).
Under the COM Security tab, Access Permissions defaults are:
SELF - Local and remote
SYSTEM - local (and now remote for testing)
LOCAL SERVICE - local (and now remote for testing)
NETWORK SERVICE - local
Administrators - local and remote
Under limits (and this is where I'm thinking something has been fiddled)
Everyone - local and remote
LOCAL SERVICE - Local and remote
Performance Log Users - Local and remote
Distributed COM Users - Local and remote
Under the Launch and Activation Defaults;
SYSTEM - Local Launch, Local Activation (and now remote Launch and activate for testing)
LOCAL SERVICE - Local Launch, Local Activation (and now remote Launch and activate for testing)
Administrators - Local and Remote Launch, Local and Remote Activation
INTERACTIVE - Local and Remote Launch, Local and Remote Activation
Under the Launch and Activation Limits
Everyone - Local Launch and Local Activation
LOCAL SERVICE - Local and Remote Launch, Local and Remote Activation
Administrators - Local and Remote Launch, Local and Remote Activation
Performance Log Users - Local and Remote Launch, Local and Remote Activation
Distributed COM Users - Local and Remote Launch, Local and Remote Activation
The Local Service, as reported in the COMRuntime 18210s, does have by default all the required access, launch and activation security requirements. The errors indicate the problem is with the binaries, but it just doesn't add up. 3 weeks ago this server had no problems.
This server has also been logging DCOM errors to its DNS forwarders and some changes were looked at for that but these have now been reversed.
September 19th, 2012 10:37pm
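Added example, not part of the original post: a small Python parser that triages COMRuntime 18209/18210 message text by server binary, APPID, caller SID and the closing sentence of each message, which says whether the permission is editable in Component Services or was set by the server process in code. The function names and the `where_set` labels are this example's own; the sample input is three of the messages quoted in the post.

```python
import re
from collections import defaultdict

# Three of the messages from the post above, copied as logged (line breaks included).
SAMPLE = r"""The machine-default permission settings do not grant Local access permission to the COM Server application C:\Windows\system32\svchost.exe with APPID
Unavailable
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
The application-specific permission settings do not grant Local access permission to the COM Server application C:\Windows\system32\DFSRs.exe with APPID
Unavailable
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC). The application set this security permission programmatically; to modify this security permission contact the application vendor.
The application-specific permission settings do not grant Local access permission to the COM Server application C:\Windows\system32\iashost.exe with APPID
{48DA6741-1BF0-4A44-8325-293086C79077}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool."""

EVENT = re.compile(
    r"The (?P<scope>machine-default|application-specific) permission settings do not grant "
    r"(?P<right>\w+) (?P<kind>\w+) permission to the COM Server application "
    r"(?P<binary>.+?) with APPID\s+(?P<appid>\{[0-9A-Fa-f-]{36}\}|Unavailable)\s+"
    r"to the user (?P<user>.+?) SID \((?P<sid>S-[0-9-]+)\) "
    r"from address (?P<address>\S+) \(Using (?P<transport>\w+)\)\.\s+(?P<tail>[^.]+)\.",
    re.S,
)

def parse_events(text):
    """Return one dict per COMRuntime permission message found in text."""
    events = []
    for m in EVENT.finditer(text):
        e = m.groupdict()
        tail = e.pop("tail")
        # The closing sentence states where the ACL comes from: editable in
        # Component Services, or set by the server process in code.
        e["where_set"] = ("component-services" if "Component Services" in tail
                          else "programmatic" if "programmatically" in tail
                          else "unknown")
        events.append(e)
    return events

def triage(events):
    """Group server binaries by (scope, where_set) so admin-editable ACLs stand out."""
    groups = defaultdict(set)
    for e in events:
        groups[(e["scope"], e["where_set"])].add(e["binary"].rsplit("\\", 1)[-1].lower())
    return {k: sorted(v) for k, v in groups.items()}

if __name__ == "__main__":
    for key, binaries in sorted(triage(parse_events(SAMPLE)).items()):
        print(key, binaries)
```

Run over the full set of logged messages, the grouping separates entries whose ACL an administrator can inspect in Component Services from those the message text attributes to the application itself.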