Event ID 10015 — COM Security Policy Configuration
Applies To: Windows Server 2008
COM+ applications use Microsoft Component Object Model (COM) technology in Microsoft Windows operating systems to communicate and take advantage of Windows services. COM technologies include COM+, DCOM, and ActiveX Controls.
An administrator can use the Component Services administrative tool to control the COM + application security policy through configurable settings that are located on the Security tab of the application's properties sheet.
Event Details
Product: | Windows Operating System |
ID: | 10015 |
Source: | Microsoft-Windows-DistributedCOM |
Version: | 6.0 |
Symbolic Name: | EVENT_DCOM_ACCESS_DENIED_IN_MACHINE_LAUNCH_RESTRICTION |
Message: | The computer-wide limit settings do not grant %1 %2 permission for the COM Server application with CLSID %3 to the user %4\%5 SID (%6) from address %7. This security permission can be modified using the Component Services snap-in. |
Resolve
Check the server's security policy
Update the security policy settings on the server to allow the requested operation to complete. The text of the event message may provide details to help you configure the security policy. Use the Component Services administrative tool to update the server's security policy to allow the requested operation to complete.
To perform this procedure, you must have membership in Administrators, or you must have been delegated the appropriate authority.
To open Component Services and find the server's security properties:
Click Start, and then click Run.
Type comexp.msc, and then click OK. If the User Account Control dialog box appears, confirm that the action it displays is what you want, and then click Continue.
To locate your computer, click Component Services, click Computers, and then click My Computer.
Right-click My Computer, click Properties, and then click the COM Security tab.
Under Access Permissions, click Edit Limits to check and, if necessary, change the Access Permissions limits on applications that determine their own permissions.
Under Launch and Activation Permissions, click Edit Limits to check and, if necessary, change the absolute limit on component launch and activation permissions.
Use Edit Default for each item to adjust Access Permissions and Launch and Activation Permissions to allow the requested operation to complete.
Verify
You can verify that your security policy for this server is configured properly by running the Component Services administrative tool and ensuring that the required security properties are set.
To perform this procedure, you must have membership in Administrators, or you must have been delegated the appropriate authority.
To open Component Services and verify that the required security properties are set:
- Click Start, and then click Run.
- Type comexp.msc, and then click OK. If the User Account Control dialog box appears, confirm that the action it displays is what you want, and then click Continue.
- To locate your computer, click Component Services, click Computers, and then click My Computer.
- Right-click My Computer, and then click Properties.
- Click the COM Security tab, and confirm that the Access Permissions and Launch and Activition Permissions properties are set properly.