Karim Zaki

Event ID: 10016 Source: DistributedCOM, how to know the APPID corresponds to


Event ID: 10016
Source: DistributedCOM
Description:
The application-specific permission settings donot grant Local Launch permission for the COM Server application with CLSID
{24FF4FDC-1D9F-4195-8C79-0DA39248FF48}
 and APPID
{B292921D-AF50-400C-9B75-0C57A7F29BA1}
 to the user NT AUTHORITYSYSTEM SID(S-1-5-18) from address LocalHost (Using LRPC). This security permission can bemodified using the Component Services administrative tool.
APPID{B292921D-AF50-400C-9B75-0C57A7F29BA1} corresponds to the DCOM NAP AgentService, which in turn is part of the Network Access Protection Agentservice.
Search the Registryfor the CLSID to determine what product is calling the NAP Agent ServiceAPPID.  In this case the CLSID is the Quarantine Private SHA Bindingclass, which is a Kaspersky Anti-virus product.
By default the serviceNetwork Access Protection Agent is stopped and the Start Type is set toManual.
Cause:
The DCOM error isbeing generated because the application’s SHA encryption module is trying toregister with the NAP Agent even when NAP is not enabled.  Severalapplications are known not to verify the NAP Agent is running before attemptingto register themselves.
Solution:
Method 1
This DCOM error can beignored if you don’t use NAP in your current environment. 
Method 2
Enable the NetworkAccess Protection Agent
Method 3
Contact the vendor ofthe software trying to register with the NAP Agent to see if they have releaseda fix for this issue

Advertisement

Published by Karim Zaki

MBA Major MIS MCP (Microsoft Certified Professional) Windows XP. Microsoft Certified in (Managing and Maintaining Microsoft server 2003). Microsoft Certified in (implementing, Managing and Maintaining a Microsoft windows server 2003 infrastructure) Microsoft Certified in (Maintaining a MS Win Server 2003 Active Directory) MCSA 2003 ISA 2006 Microsoft Internet Security and Acceleration Server 2006, Configuring MCTS Microsoft Certified Technology specialist MCITP 2008 (Microsoft Certified IT professional) MCSA 2012 Server (Microsoft Certified solution Associate) AZURE Administrator Associate MS 365 Identities and services MS 365 Mobility and security Microsoft 365 Certified: Security Administrator Associate Microsoft 365 certified enterprise administrator expert, MS 365 System administrator, configuring designing and securing. Azure Active Directory administrator configuration and securing identities. Plan identity synchronization for azure active directory Microsoft advanced threat Protection, Access for external users B2B for Microsoft workloads, Azure Advanced Threat Protection, Intune Endpoint administrator designing and securing, Microsoft Cloud App Security configuring and designing. SCSM designing and configuration, Automating IT Operations, Securing and designing exchange online, SharePoint online, MS teams, OneDrive, azure, and MS 365, Intune designing, configuring and supporting.

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.