comruntime 18210 and 18209 errors on server 2008 R2
hi everyone having a problem with a 2008 R2 server that apparently out of the blue has started reporting COMRuntime errors. Although I'm certain its a change from elsewhere I'm having a huge problem tracking it down as the obvious things - setting the security defaults - haven't solved it and trying to find more info is a bit of a problem, a lot of the google results are populated with fixyourregistrynowtool crap as opposed to helpful info. Here's the usual batch of errors; COMRuntime 18209 The machine-default permission settings do not grant Local access permission to the COM Server application C:\Windows\system32\svchost.exe with APPID Unavailable to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool. COMRuntime 18210 The application-specific permission settings do not grant Local access permission to the COM Server application C:\Windows\system32\DFSRs.exe with APPID Unavailable to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC). The application set this security permission programmatically; to modify this security permission contact the application vendor. The application-specific permission settings do not grant Local access permission to the COM Server application C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe with APPID Unavailable to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC). The application set this security permission programmatically; to modify this security permission contact the application vendor. The application-specific permission settings do not grant Local access permission to the COM Server application C:\Windows\system32\svchost.exe with APPID Unavailable to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC). The application set this security permission programmatically; to modify this security permission contact the application vendor. The application-specific permission settings do not grant Local access permission to the COM Server application C:\Windows\system32\iashost.exe with APPID {48DA6741-1BF0-4A44-8325-293086C79077} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool. The application-specific permission settings do not grant Local access permission to the COM Server application C:\Windows\system32\lsass.exe with APPID Unavailable to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC). The application set this security permission programmatically; to modify this security permission contact the application vendor. The security settings ( Component Services -> Computers -> My Computer | Properties ) on the Default Properties tab were enable DCOM ticked, Enable COM internet services unticked, Default Authentication level set to Connect, Default Impersonation Level set to Identify (not set to impersonate for testing) under the Com Security tab, Access permissions defaults are; SELF - Local and remote SYSTEM - local (and now remote for testing) LOCAL SERVICE - local (and now remote for testing) NETWORK SERVICE - local Administrators - local and remote Under limits (and this is where I'm thinking something has been fiddled) Everyone - local and remote LOCAL SERVICE - Local and remote Performance Log Users - Local and remote Distributed COM Users - Local and remote Under the Launch and Activation Defaults; SYSTEM - Local Launch, Local Activation (and now remote Launch and activate for testing) LOCAL SERVICE - Local Launch, Local Activation (and now remote Launch and activate for testing) Administrators - Local and Remote Launch, Local and Remote Activation INTERACTIVE - Local and Remote Launch, Local and Remote Activation Under the Launch and Activation Limits Everyone - Local Launch and Local Activation LOCAL SERVICE - Local and Remote Launch, Local and Remote Activation Administrators - Local and Remote Launch, Local and Remote Activation Performance Log Users - Local and Remote Launch, Local and Remote Activation Distributed COM Users - Local and Remote Launch, Local and Remote Activation the Local Service as reported in the COMRuntime 18210's does have be default all the required access, launch and activation security requirements, the errors indicate the problem is with the binaries, but it just doesn't add up. 3 weeks ago this server had no problems. This server has also been logging DCOM errors to its DNS forwarders and some changes were looked at for that but these have now been reversed.
September 18th, 2012 10:57pm

Hi, Thank you for the post. 1. Your DCOM settings is normal 2. I just see one APPID {} in your post: APPID {48DA6741-1BF0-4A44-8325-293086C79077} .Backup your registry first .Locate HKEY_CLASSES_ROOT\AppID\{48DA6741-1BF0-4A44-8325-293086C79077}, take Administrators to be the owner of this key. .you will see the servicename in default key .Deleted AccessPermission/LaunchPermission key (optional) .Reboot your server (optional) .Add local service to Servicename from dcomconfig, and give launch and activation and access permission. If there are more inquiries on this issue, please feel free to let us know. Regards Rick Tan TechNet Community Support
Free Windows Admin Tool Kit Click here and download it now
September 20th, 2012 5:43am

Hi Rick thanks for the help, I was able to reset the IASDataStoreComServer - which has the AppID of 48DA6741-1BF0-4A44-8325-293086C79077 However I can't do that for the other errors - the 18210s. They all don't list an AppID and also say its a programmatic fix. They are all Microsoft components - I'm thinking the service's Log On As account has been changed, I just don't know what service or what the account should be. Heres the remaining errors - COMRuntime 18210 The application-specific permission settings do not grant Local access permission to the COM Server application C:\Windows\system32\DFSRs.exe with APPID Unavailable to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC). The application set this security permission programmatically; to modify this security permission contact the application vendor. The application-specific permission settings do not grant Local access permission to the COM Server application C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe with APPID Unavailable to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC). The application set this security permission programmatically; to modify this security permission contact the application vendor. The application-specific permission settings do not grant Local access permission to the COM Server application C:\Windows\system32\svchost.exe with APPID Unavailable to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC). The application set this security permission programmatically; to modify this security permission contact the application vendor. The application-specific permission settings do not grant Local access permission to the COM Server application C:\Windows\system32\iashost.exe with APPID {48DA6741-1BF0-4A44-8325-293086C79077} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool. The application-specific permission settings do not grant Local access permission to the COM Server application C:\Windows\system32\lsass.exe with APPID Unavailable to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC). The application set this security permission programmatically; to modify this security permission contact the application vendor.
September 20th, 2012 11:30pm

Please try to backup and delete the following registry path, and import the correct registry keys from other working server, then check again. HKLM\Software\Microsoft\OLEPlease remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
Free Windows Admin Tool Kit Click here and download it now
September 28th, 2012 5:03am

Please try to backup and delete the following registry path, and import the correct registry keys from other working server, then check again. HKLM\Software\Microsoft\OLEPlease remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
September 28th, 2012 5:03am

Hi Kevin I've performed the steps you outlined but the server is still producing errors. It has not been restarted yet however, that is scheduled for next week. Should the restart clear this up or is further action required?
Free Windows Admin Tool Kit Click here and download it now
October 5th, 2012 3:16am

Have you rebooted the server? and how things are going?Please remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
October 17th, 2012 2:19am

Hi Kevin The error was logged once after the first reboot, I had the server rebooted again this morning and so far have not seen any errors. I'm monitoring it and if it doesn't re-occur by the end of the week I'd say its fixed. Not sure why the problem was logged for all the affected services once after the restart, which is the only reason I'm not certain its fixed
Free Windows Admin Tool Kit Click here and download it now
October 17th, 2012 3:23am

Hi melts, how things are going? did the error log occur again?Please remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
November 1st, 2012 1:09am

we haven't seen it repeat after the restart on the 17th, so i'd say its all good. thanks for the help!
Free Windows Admin Tool Kit Click here and download it now
November 5th, 2012 3:29am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics