Home
Products
Updates
Logs
Bugs
Files
Sign In Create an Account
Recent Search Results
No Search results are currently available to display.

Your last search results will be displayed here for the duration of your browser session.

Log ReportPrint
Template Windows Event Log
Log Name System
Type Error
Source DistributedCOM
Event ID 10016
Average Threat Rating
Add Your Encounter Hide Encounters without Resolutions
joverland
Posts: 41

4/26/2011
Revision 2
Threat Rating:

Contains Resolution:
D99E6E73-FC88-11D0-B498-00A0C90312F3 is the AppID for CertSrv Request DECOM Component.  

At the time we were receiving these events the Certificate Services would not start and auto enrollment was failing. We got the Certificate Service running (see http://origin.overlandconcepts.com/item.aspx?sumID=4fc8d083-3ab5-4767-b32d-2ad0dff18c97) but continued to get this event.

When viewing the CertSrv Request component from DCOM Config the settings were grayed out.  This is because TrustedInstaller is the only account with Full Control.  By Taking Owner ship of the following registry key and graning Administrators Full Control we were able to get access to the settings:

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{D99E6E74-FC88-11D0-B498-00A0C90312F3}

We then proceeded to change the Launch and Activiation Permissions for CertSrv Request. To do this:

1. Start Component Services (comexp.msc)
2. Navigate to \Compenent Services\Computers\My Computer\DCOM Config
3. View Properties for CertSrv Request
4. Click Security Tab and click the Edit button for Launch and Activation Permissions
5. Highlight Everyone and check the box to Allow Local Launch (Everyone was the only group listed in our case and only Local Activation and Remote Activation were checked).

Restart Active Directory Certificate Services and this event should no longer be logged.



Peer Reviews (0)

No reviews have been post for this Encounter

Post a Peer Review: