Thursday, 29 October 2009

DCOM error 10016 with SharePoint 2010 on Windows Server 2008 R2

This used to happen with MOSS 2007 on Server 2003 too, so I wasn’t that concerned… Usual process of finding the CLSID in the Registry and changing the permissions using the Component services snap-in… Or so I thought…


Here is the error:


Log Name:      System
Source:        Microsoft-Windows-DistributedCOM
Date:          29/10/2009 11:52:52
Event ID:      10016
Task Category: None
Level:         Error
Keywords:      Classic
User:          CORPNET\_SP_Farm
Computer:      SP2010TP.CORPNET.beta
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
to the user CORPNET\_SP_Farm SID (S-1-5-21-1469829728-1532128048-1498870291-1109) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
Event Xml:
<Event xmlns="">
    <Provider Name="Microsoft-Windows-DistributedCOM" Guid="{1B562E86-B7AA-4131-BADC-B6F3A001407E}" EventSourceName="DCOM" />
    <EventID Qualifiers="49152">10016</EventID>
    <TimeCreated SystemTime="2009-10-29T11:52:52.000000000Z" />
    <Correlation />
    <Execution ProcessID="0" ThreadID="0" />
    <Security UserID="S-1-5-21-1469829728-1532128048-1498870291-1101" />
    <Data Name="param1">application-specific</Data>
    <Data Name="param2">Local</Data>
    <Data Name="param3">Activation</Data>
    <Data Name="param4">{61738644-F196-11D0-9953-00C04FD919C1}</Data>
    <Data Name="param5">{61738644-F196-11D0-9953-00C04FD919C1}</Data>
    <Data Name="param6">CORPNET</Data>
    <Data Name="param7">_SP_Farm</Data>
    <Data Name="param8">S-1-5-21-1469829728-1532128048-1498870291-1109</Data>
    <Data Name="param9">LocalHost (Using LRPC)</Data>


I found {61738644-F196-11D0-9953-00C04FD919C1} to be IISWAMREG as I suspected (no harm in verifying the ID in regedit!).


Next, I opened the Component Services Snap-In (StartRun > comexp.msc) and drilled down through Component Services > Computers > My Computer > DCOM Config > IIS WAMREG Admin Service ….


Only to find all options greyed out!!




At first I thought UAC was the culprit so I ran did the “right click >run as administrator” which made no difference…


Thinking it had to be a permissions issue I fired up my old friend Process Monitor (from Sysinternals: and found I didn’t have permission!


Date & Time:    29/10/2009 12:25:35
Event Class:    Registry
Operation:    RegOpenKey
Path:    HKCR\AppID\{61738644-F196-11D0-9953-00C04FD919C1}
TID:    748
Duration:    0.0000322
Desired Access:    Write, Query Value, Enumerate Sub Keys, Write DAC


So back to Regedit to inspect permissions…


Found that as an Administrator I didn’t have full control:




Granted CORPNET\Administrators full control, re-opened the MMC and was able to correct the permissions, to do this:


Open the Component Services Snap-In (StartRun > comexp.msc) and drill down through Component Services > Computers > My Computer > DCOM Config > IIS WAMREG Admin Service


Right click on IIS WAMREG Admin Service and on the Security tab click Edit in the Launch and Activation  Permissions section.

Grant the account referenced in the event log (mine is _SP_Farm) the following permissions:


Allow: Local Launch

Allow: Local Activation




All done ;)


You might as well grant the same rights to the accounts you’re going to use for running Service Apps at this point (or you’ll be back here in a few minutes anyway!).




As Tristan ( points out, if you do this for the WSS_WPG and WSS_ADMIN_WPG groups (local to each SP2010 server) rather than individual user accounts you will accommodate future changes. Thanks Tristan!


  1. Hi Matt,

    Thanks for posting this! One minor thing - I'd suggest granting the Launch and Activation permissions to the WSS_WPG and WSS_ADMIN_WPG local groups to save having to do this for any future changes.



  2. Tristan, that is a very valid point, have updated the post. Thanks for yout feedback!

  3. Hi Matt,

    Just wanna make a little remark concerning this issue on Windows 7. You may have to take ownership of the registry key, with the machine "administrators" group for instance, before being able to change the permissions to full control.

    Anyway, thank you for the post. That helped !


  4. @catalin - that's useful info, I haven't tried running SP2010 on 7 yet, but will bear your comments in mind when I do.
    Thanks for the feedback!

  5. Hi Matt, Good post. Although I am still having issues with greyed out boxes. I have ran Regedit as administrator, taken ownership and applied the Full Control permission for the administrators group for the IIS WAMREG CSLID reg entry. I then ran component services as administrator but the Security tab is still greyed out for the IIS WAMREG entry. This is also following a server restart. Any ideas?
    cheers, Steve

  6. @alfiescott - are you logged on the server with an account that is a member of the "administrators" group? Did you check the CLSID is what you think it is? (search the registry for the CLSID referenced in the event log error and it will tell which component it relates to, it may not be IISWAMREG...
    Let me know how you get on.

  7. Hi Matt, Yep I'm using my domain admin account for this although I have tried with the local admin and Enterprise admin account as well after it failed the first time. I have also checked the local security policy to ensure that there are no user account restrictions. I have tracked down the CLSID from the 10016 errors which identify: 61738644-F196-11D0-9953-00C04FD919C1 - IIS WAMREG. This is following a fresh install of MOSS2007 so it seems to be the exact issue above although for some reason the security tab in Component Services is still greyed out even after following the procedure to grant the administrators group full control in the registry. I cannot seem to find any forum or blog posts that refer to someone still having this issue afer changing the permissions.

  8. I'm having the same problem. I can't even change the Permissions. Every time I try to edit or change the Permissions through regedit, I get:

    Unable to save permission changes ... Access is denied.

  9. @alife and @gary - at the point that you make the registry permissions change does ProcessMonitor report anything for regedit.exe?

  10. I fixed it. I had to make Administrators the owner with regedit. this enabled me to modify/save wamreg settings.

    Now if I could solve:

    SQL Database 'Application_Registry_Service_DB_397f49ae3d2742d7a81076eabe31724c' on SQL Server instance 'WEBSERVER\SharePoint' not found. Additional error information from SQL Server is included below.

    Cannot open database "Application_Registry_Service_DB_397f49ae3d2742d7a81076eabe31724c" requested by the login. The login failed.
    Login failed for user 'NT AUTHORITY\NETWORK SERVICE'

    I'm amazed that you can install Sharepoint and not have things setup so you can use it! Are there installation instructions that I'm not aware of?? It always seems that I have to do 3 weeks of research just to get Sharepoint working properly. I had similar issues with SP 3.0 on Server 2003.

    Do I need to give SQL 'NT AUTHORITY\NETWORK SERVICE' permission some where??

  11. I had tried changing the owner in Regedit already but this did not resolve the issue. I have decided to start again from scratch including removing the Server Roles, IIS, Application Server etc. I will let you know how I get on this time round.

  12. @gary - great to see you're making progress! Looks like NETWORK SERVICE is being used for a service account, is this a single server install or is SQL running on a different server or VM?

  13. @alfie - please do let me know, are you re-installing the OS as part of your rebuild?

  14. Hi Matt, I reinstalled the OS and started from scratch. When I installed the Application Server role this time around I also selected the "COM+ Network Access" additional feature and since re-installing SharePoint I have not had any errors at all in Event Viewer never mind the DCOM errors I was experiencing before. I'm not sure whether this was the reason or if I had managed to do something else differently during configuration. Many thanks for your help with this issue.

  15. Matt,

    Thanks for all your help. This is a single server install. I'm still getting the same repetitive events:

    Warning:Crawl cannot be started because the content source Local SharePoint sites has no start addresses. Add at least one start address.

    Context: Application 'Search_Service_Application', Catalog 'Portal_Content'

    Plus the Critical error I listed above.

    I'll be taking a look at selecting "COM+ Network Access" feature suggested by alfie. Would like to hear your thoughts on it. Can this be edited without doing a reinstall?

  16. Matt,

    I opened Server Manager, highlighted Aplication Server. COM+ Network Access is (was already) installed, The only additional roles for Application Server listed is Distributed Transactions, which I assume I shouldn't need in a single server environment,

  17. Thanks for this fix. Worked for me! To alfiescott and others: are you sure you aren't change the permissions on HKCR\CLSID\... instead of the HKCR\AppID\...? The former does not fix the "greyed-out" issue, the latter does. (I know because I made that mistake!)

  18. Or if the GUID in the error-message is same as the guid you are adapting? If yes, does it stand for the IIS WAMREG Admin Service or an other component? At my Wind 2008 R2 it was an other component....

  19. You need to search the registry for the GUID of the component, it may not be IIWS WAMREG, the registry will tell you.

  20. Thank you, it was useful.

  21. Nice info. thanks for sharing.

  22. I too get this error. Very thanks to you. You have given the solution at the right time. Great work from you. Keep it up..

  23. Hi their,

    yup yup i also join the club with this nice error only i am a bit more unfortunate and feel like a donkey.

    Normaly I always make snap-shot from my VM's before i do exciting stuf but now for 2 weeks i'm asking the client on phone and mail for access to the machine and you guessed it, still no access.
    So what i do proceed in changing the registry and forgot about exporting it.

    The result is that now my Publishing Feature is not starting. if I deactivate everything is fine but as soon as i activate BAM corelation ID error's.

    I even reinstalled the binaries or tried to make a new web app with the publish feature same result. It doesn't give me a nice feeling when entering this Christmas weekend, hopefully one of you guys have a briliant idea.


  24. Maarten, if you join another web server to the farm does it also suffer the errors?
    I'm just thinking that the registry issues will probably be limited to the single server and the actual content will be fine...

  25. Have tried everything above but settings continue to be grayed out? I have rebooted the server and varified that the user account I am using has admin writes to the registry key. Not sure what to do from here?

  26. Nevermind changed the HKCR\CLSID\... instead of the HKCR\AppID\ That fixed... Thank you!

  27. Thank you very much Matt for this very good post that helped my to to break a deadlock.

  28. Thanks, I could stop an annoying sharepiont error by this post

  29. Stage Three - Now we can inspect what to by and large search for in the best vinyl trade window to use for your home window substitution venture. best solar batteries

  30. While hunting down couple of minutes I found a site proposing changing over an old PC into a media server.Continue Reading

  31. Keeping your podcast description to 160 characters or less will also ensure sharp looking search results when people find your page in the organic search comment

  32. The main time an alternate methodology is required is the point at which you have the two jobs on the task in which case you will be required to recognize the two jobs and dole out every job the work they are most appropriate for.

  33. Imagine a powerful computer with multiple hard drives built inside of it. Each hard drive is its own independent area, not connected to the others for security purposes.affordable dedicated server hosting

  34. Here is how a typical data recovery setting looks like - an enclosed room with external ventilation so that even the air in the clean room does not get contaminated by air from other parts of the building. data recovery services london

  35. On the off chance that you put 24 hours or seven days into learning a dialect you won't make the following Windows or another, cutting edge diversion. serverless architecture

  36. Give us a chance to behold back to reason number one - a hard drive is sensitive fragile sensitive! hard drive recovery

  37. Savaliya Oil Maker Machine for Home Usage. This Product is Easy to Use and it produces health oil for your family. There are also some other products of savaliya industry, like coconut oil maker machine, peanut oil maker machine, sesame oil maker machine.

  38. Laxmi pipe industries is leading Steel Pipe Manufacturer In India. we manufacture and supply various shape pipes like eye shape, grooved pipes etc.

  39. Shreeja Health Care is leading Manufacturer, exporter, supplier, and Wholesaler of Oil Extraction machine

  40. IENERGY NATURAL RESOURCES LIMITED (INRL) is leading us coal supplier in india.

  41. Databases have to change. There are a number of reasons why they need to change and how they need to change.

  42. your data has been lost. At the point when a hard drive crashes, it's past the point where it is possible to stress over what you "ought to have done."
    data recovery tips & solutions

  43. You can use 100% pure oil for cooking.
    Buy Shreeja Oil Maker Machine. Shreeja Oil Extraction Machine is able to extract oil from various seeds like peanuts, Coconut, Sesame, Soybean, macadamia nuts, walnuts, sunflower seeds, vegetable seeds flaxseed etc.
    Oil Maker Machine

  44. Router Tech Support Phone Number +1-844-456-4180.
    Check Out FixingBlog
    as a company was the first in its field to launch a wireless router to share a single internet connection with multiple devices.

  45. Router Tech Support Phone Number +1-844-456-4180. Continue Reading as a company was the first in its field to launch a wireless router to share a single internet connection with multiple devices.

  46. Want to buy designer dining set online? Explore our wide range of comfortable desi in different shapes, colors and styles. Shop online now!

  47. Jalaram Furniture offers huge selection of fabric to leather, classic to modern wide selection of living room sofas to suit your taste and style. Shop now!

  48. Jalaram Furniture offers a huge selection of high quality modular office furniture in surat, home decor & more in one of the best online furniture stores in Surat.

  49. Jalaram furniture is the best furniture showroom in gujarat.Shop online now!

  50. Laxmi pipe industries is leading Steel Pipe Manufacturer In India. we manufacture and supply various shape pipes like eye shape, grooved pipes etc.

  51. By using these software, a person can create snap shots of his windows, applications or any portion of his screen and can save them in commonly used picture formats. screenshot capture apps

  52. Hi there, I found your blog via Google while searching for such kinda informative post and your post looks very interesting for me.

  53. Persons appreciate shopping for amazing, appealing, fascinating and from time to time attractive aromas for them selves and pertaining to others. This can be executed conveniently along with inexpensively in an on-line perfume shop.

  54. Crafts come in many designs and styles. It is best that you have the complete materials when doing crafts. It will make your project easier, and allow you to be more organized. bulk craft glitter

  55. Shreeja Health Care is leading manufacturer of Oil Maker Machine. Shreeja Oil Extraction Machine is able to extract oil from various seeds like peanuts, Coconut, Sesame, Soybean, macadamia nuts, walnuts, sunflower seeds, vegetable seeds flaxseed etc.

  56. Looking for a good deal on bulk glitter? Explore a wide range of the best bulk glitter on GlitterMall to find one that suits you! Besides good quality brands, you’ll also find plenty of discounts when you shop for bulk glitter during big sales. Don’t forget one crucial step - filter for items that offer bonus perks like free shipping & free return to make the most of your online shopping experience!

  57. We SVJ Technocoat are the leading Service Provider and Exporter of an extensive array of PVD Coating In Surat Service and Vapor Deposition Coating Service etc. We are a well known firm for providing excellent quality coating services across the nation and in a timely manner. Owing to our improvised business models, our professionals are offering integrated solutions for our clients.

  58. DIYAM Impex Our Company DIYAM IMPEX. We have gone from strength to strength over the years, having expanded from our core business of diamond manufacturing to Real Estate, Renewable Energy and Venture Capital. Diamond has its many utility and its industrial value is enhanced by our effective services. We now focus exclusively on CVD diamonds Manufacturer In Surat. DIYAM IMPEX has grown to become a globally trusted and respected player in the diamond industry over the last five decades. Our expertise lies in our ability to produce a consistent supply of quality polished diamonds in all shapes and sizes.


  59. Candela GentleLASE medical grade laser applies precise, controlled pulses of laser. Laser Tech energy that reach down the hair shaft into the follicle underneath the skin, cauterizing the hair at its root. the encompassing tissue or skin isn’t damaged. The laser’s gentle beam of sunshine damages and consequently prevents the follicle from growing.

  60. FAB VOGUE STUDIO provide all kind of Fabric which can be use for Making any designer apparel. kota doria fabric We guarantee you’ll love working with us. Design Customization Available. Wholesale price available on request. Quality Assurance. COD Available.

  61. RQC is one of the Best Best hair transplant doctor in surat, with services, including Hair Transplant, Hair Treatment, Hairfall and Hair Loss, dermatology, and Skincare. RQC brings you the best services in hair transplant, Hair Treatment.

  62. Digital Marketing Agency In Surat provides various features like Unlimited Messages sending, Multi-multimedia message sending, Numbers Filters, Groups Contacts Grabber, Anti Block Module, Sleep Control, Speed control, delay control etc. with In built Google Map Extractor And Just Dial Extractor.
    ➡ Our Services:
    ✅ Website Design & Development
    ✅ Software Development
    ✅ Mobile App Development
    ✅ CRM / ERP Development
    ✅ Digital Marketing
    ✅ SEO / SEM / SMM / ASO
    ✅ Paid Promotion
    ✅ Graphics & Design
    ☎ +91 99132 99806 | +91 99132 99862

  63. UID Interior Design Institutes In Surat is one of the Leading fashion institute in surat. professional fashion designing course in India is in demand these day by day, what can be best than pursuing fashion designing course from the fashion capital of India itself. Yes,UID fashion designing course in surat are talking about the city of surat, where you can have ample select when it comes to fashion design.

  64. Leading Manufacturer of n95 face mask cutting roller, kn95 mask die model, face mask machine die and still n95 mask roller emdossing die from Surat. Keytex is 4p Diamond Cutting Machine in India.

  65. earn about mywifiext local software. Are you having problems with your mywifiext Find out how to make your network work faster. Get the latest tips and tricks from the experts. extender allows you to connect to your own router’s network wirelessly. Your computer must be connected wirelessly to the router directly to use My Wi-Fi extender.


Please feel free to comment on this post, I want to hear your feedback!