Quick Solution 3 : SharePoint User Profile Synchronization fail to start with event Id 10016
Error Message
Log Name: System
Source: Microsoft-Windows-DistributedCOM
Date: 4/8/2011 10:49:29 AM
Event ID: 10016
Task Category: None
Level: Error
Keywords: Classic
User: NETWORK SERVICE
Computer: <server name>
Description:
The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {000C101C-0000-0000-C000-000000000046} and APPID {000C101C-0000-0000-C000-000000000046} to the user NT AUTHORITY\NETWORK SERVICE SID (S-1-5-20) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
Or
Log Name: System
Source: Microsoft-Windows-DistributedCOM
Date: 4/8/2011 10:49:29 AM
Event ID: 10016
Task Category: None
Level: Error
Keywords: Classic
User: NETWORK SERVICE
Computer: <server name>
Description:
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {A0A8C0AC-FC70-4EE2-93A8-4A2257AE8619} and APPID {38AFE312-B8E5-4354-A11F-9224307B28AC} to the user NT AUTHORITY\NETWORK SERVICE SID (S-1-5-20) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
Causes
The issue is caused by the user NT AUTHORITY\NETWORK SERVICE SID does not have permissions to activate the DistributedCOM locally.
Solutions
In order to solve the issue, please grant Local Activation permission for the COM Server applications to the user NT AUTHORITY\NETWORK SERVICE. By default, the group Distributed COM Users has the permissions. So, please add NT AUTHORITY\NETWORK SERVICE to Distributed COM Users directly to fix the issue:
- Open Computer Management(Administrative Tools > Computer Management)
- Double-click Local Users and Groups
- Click Groups
- Double-click Distributed COM Users
- Click Add
- Set the location to be local machine by clicking Locations
- Type Network Service in the Enter the object name to select textbox
- Click OK to apply
Comments
Anonymous
November 30, 2012
So many sites have the espoused the method of taking ownership of the registry for the DCOM objects and then granting permission on the DCOM object - nice alternative!Anonymous
February 11, 2013
Hi, I tried this - it doesn't work. I added my Sharepoint Farm Account to the group and I am still seeing 10016 errors in the event log, specifically with DCOM App ID's {61738644-F196-11D0-9953-00C04FD919C1} and {000C101C-0000-0000-C000-000000000046} Unless you grant ownership of their respective registry keys to the local Administrators group and then explicitly grant Launch and Activation permissions using Dcomcnfg then you still see these errors. I was hoping this would be a neat and quick solution to this problem but I'm afraid it isn't.....