Event ID 10018 — COM Security Policy Configuration

Updated: December 3, 2008

Applies To: Windows Server 2008 R2

red

COM+ applications use Microsoft Component Object Model (COM) technology in Microsoft Windows operating systems to communicate and take advantage of Windows services. COM technologies include COM+, DCOM, and ActiveX Controls.

An administrator can use the Component Services administrative tool to control the COM + application security policy through configurable settings that are located on the Security tab of the application's properties sheet.

Event Details

Product: Windows Operating System
ID: 10018
Source: Microsoft-Windows-DistributedCOM
Version: 6.1
Symbolic Name: EVENT_DCOM_ACCESS_DENIED_IN_SERVER_ACCESS_PERMISSION_PROGRAMMATIC
Message: The application-specific permission settings do not grant %1 access permission to the COM Server application %2 to the user %3\%4 SID (%5) from address %6. The application set this security permission programmatically. To modify this security permission contact the application vendor.

Resolve

Check the server's security policy

Update the security policy settings on the server to allow the requested operation to complete. The text of the event message may provide details to help you configure the security policy. Use the Component Services administrative tool to update the server's security policy to allow the requested operation to complete.

To perform this procedure, you must have membership in Administrators, or you must have been delegated the appropriate authority.

To open Component Services and find the server's security properties:

  1. Click Start, and then click Run.
  2. Type comexp.msc, and then click OK. If the User Account Control dialog box appears, confirm that the action it displays is what you want, and then click Continue.
  3. To locate your computer, click Component Services, click Computers, and then click My Computer.
  4. Right-click My Computer, click Properties, and then click the COM Security tab.
  5. Under Access Permissions, click Edit Limits to check and, if necessary, change the Access Permissions limits on applications that determine their own permissions.

    Under Launch and Activation Permissions, click Edit Limits to check and, if necessary, change the absolute limit on component launch and activation permissions.

  6. Use Edit Default for each item to adjust Access Permissions and Launch and Activation Permissions to allow the requested operation to complete.

Verify

You can verify that your security policy for this server is configured properly by running the Component Services administrative tool and ensuring that the required security properties are set.

To perform this procedure, you must have membership in Administrators, or you must have been delegated the appropriate authority.

To open Component Services and verify that the required security properties are set:

  1. Click Start, and then click Run.
  2. Type comexp.msc, and then click OK. If the User Account Control dialog box appears, confirm that the action it displays is what you want, and then click Continue.
  3. To locate your computer, click Component Services, click Computers, and then click My Computer.
  4. Right-click My Computer, and then click Properties.
  5. Click the COM Security tab, and confirm that the Access Permissions and Launch and Activition Permissions properties are set properly.

Related Management Information

COM Security Policy Configuration

Application Server

Community Additions

ADD
Show: