Partager via


COM Security Policy Configuration

Applies To: Windows Server 2008

COM+ applications use Microsoft Component Object Model (COM) technology in Microsoft Windows operating systems to communicate and take advantage of Windows services. COM technologies include COM+, DCOM, and ActiveX Controls.

An administrator can use the Component Services administrative tool to control the COM + application security policy through configurable settings that are located on the Security tab of the application's properties sheet.

Events

Event ID Source Message

10002

Microsoft-Windows-DistributedCOM

Access was denied during the attempt to start a DCOM server. The server is:
%1
. The user is %2/%3, SID=%4.

10003

Microsoft-Windows-DistributedCOM

Access was denied during the attempt to start a DCOM server by using DefaultLaunchPermssion. The server is:
%1
. The user is %2/%3, SID=%4.

10004

Microsoft-Windows-DistributedCOM

DCOM received error "%1" and could not log on %2\%3 in order to run the server:
%4

10015

Microsoft-Windows-DistributedCOM

The computer-wide limit settings do not grant %1 %2 permission for the COM Server application with CLSID
%3
to the user %4\%5 SID (%6) from address %7. This security permission can be modified using the Component Services snap-in.

10016

Microsoft-Windows-DistributedCOM

The %1 permission settings do not grant %2 %3 permission for the COM Server application with CLSID
%4
to the user %5\%6 SID (%7) from address %8. This security permission can be modified using the Component Services snap-in.

10017

Microsoft-Windows-DistributedCOM

The %1 permission settings do not grant %2 access permission to the COM Server application %3 to the user %4\%5 SID (%6) from address %7. This security permission can be modified using the Component Services snap-in.

10018

Microsoft-Windows-DistributedCOM

The application-specific permission settings do not grant %1 access permission to the COM Server application %2 to the user %3\%4 SID (%5) from address %6. The application set this security permission programmatically. To modify this security permission contact the application vendor.

10019

Microsoft-Windows-DistributedCOM

The computer-wide limit settings do not grant %1 access permission to the COM Server application %2 to the user %3\%4 SID (%5) from address %6. This security permission can be modified using the Component Services snap-in.

10020

Microsoft-Windows-DistributedCOM

The computer-wide %1 %2 security descriptor is invalid. It contains Access Control Entries with permissions that are invalid. The requested action was therefore not performed. This security permission can be corrected using the Component Services snap-in.

10021

Microsoft-Windows-DistributedCOM

The launch and activation security descriptor for the COM Server application with CLSID
%1
is invalid. It contains Access Control Entries with permissions that are invalid. The requested action was therefore not performed. This security permission can be corrected using the Component Services snap-in.

10022

Microsoft-Windows-DistributedCOM

The %1 access security descriptor for the COM Server application %2 is invalid. It contains Access Control Entries with permissions that are invalid. The requested action was therefore not performed. This security permission can be corrected using the Component Services snap-in.

10023

Microsoft-Windows-DistributedCOM

The application-specific access security descriptor for the COM Server application %1 is invalid. It contains Access Control Entries with permissions that are invalid. The requested action was therefore not performed. The application set this security permission programmatically. To modify this security permission contact the application vendor.

10024

Microsoft-Windows-DistributedCOM

The computer-wide group policy %1 Limits security descriptor is invalid. The security descriptor is defined as an invalid Security Descriptor Definitions Language (SDDL) string. The requested action was therefore not performed. Please contact your administrator to correct the security descriptor in the Group Policy settings.

10027

Microsoft-Windows-DistributedCOM

The computer-wide limit settings do not grant %1 %2 permission for COM Server applications to the user %3\%4 SID (%5) from address %6. This security permission can be modified using the Component Services snap-in.

18207

Microsoft-Windows-COMRuntime

The computer-wide limit settings do not grant %1 %2 permission for the COM Server application with CLSID
%3
to the user %4\%5 SID (%6) from address %7. This security permission can be modified using the Component Services snap-in.

18208

Microsoft-Windows-COMRuntime

The %1 permission settings do not grant %2 %3 permission for the COM Server application with CLSID
%4
to the user %5\%6 SID (%7) from address %8. This security permission can be modified by using the Component Services snap-in.

18209

Microsoft-Windows-COMRuntime

The %1 permission settings do not grant %2 access permission to the COM Server application %3 to the user %4\%5 SID (%6) from address %7. This security permission can be modified by using the Component Services snap-in.

18210

Microsoft-Windows-COMRuntime

The application-specific permission settings do not grant %1 access permission to the COM Server application %2 to the user %3\%4 SID (%5) from address %6. The application set this security permission programmatically. To modify this security permission, contact the application vendor.

18211

Microsoft-Windows-COMRuntime

The computer-wide limit settings do not grant %1 access permission to the COM Server application %2 to the user %3\%4 SID (%5) from address %6. This security permission can be modified by using the Component Services snap-in.

18212

Microsoft-Windows-COMRuntime

The computer-wide %1 %2 security descriptor is not valid. It contains access control entries with permissions that are not valid. The requested action was therefore not performed. This security permission can be corrected by using the Component Services snap-in.

18213

Microsoft-Windows-COMRuntime

The launch and activation security descriptor for the COM Server application with CLSID
%1
is not valid. It contains access control entries that have permissions that are not valid. The requested action was therefore not performed. This security permission can be corrected by using the Component Services snap-in.

18214

Microsoft-Windows-COMRuntime

The %1 access security descriptor for the COM Server application %2 is not valid. It contains access control entries that have permissions that are not valid. The requested action was therefore not performed. This security permission can be corrected by using the Component Services snap-in.

18215

Microsoft-Windows-COMRuntime

The application-specific access security descriptor for the COM Server application %1 is invalid. It contains Access Control Entries with permissions that are invalid. The requested action was therefore not performed. The application set this security permission programmatically. To modify this security permission contact the application vendor.

18216

Microsoft-Windows-COMRuntime

The machine wide group policy %1 Limits security descriptor is not valid. The security descriptor is defined as a not valid Security Descriptor Definitions Language (SDDL) string. The requested action was therefore not performed. To correct the security descriptor in the Group Policy settings, contact your administrator.

18219

Microsoft-Windows-COMRuntime

The computer-wide limit settings do not grant %1 %2 permission for COM Server applications to the user %3\%4 SID (%5) from address %6. This security permission can be modified by using the Component Services snap-in.

COM

Application Server