Partilhar via


Script to restore restore the default DCOM settings

Sometimes I had some colleagues coming out to me asking for help to troubleshoot some weird errors around the old faithful DCOM.

What I had noticed is that some of those times the issues had is root in a not very smart action from them, like for example thinking that they do not DCOM and though disable it.

Important point, if you disable DCOM, may you may lose operating system functionality.

After you disable support for DCOM, the following may result:

  • Any COM objects that can be started remotely may not function correctly.
  • The local COM+ snap-in will not be able to connect to remote servers to enumerate their COM+ Catalog.
  • Certificate auto-enrolment may not function correctly.
  • Windows Management Instrumentation (WMI) queries against remote servers may not function correctly.

So, usually the best approach I came out for helping with this was to create a script that I can easily handover to restore the default DCOM settings.

The following script is useful for automatically making the default DCOM settings. This would not require any manual intervention of incorrectly modifying the registry. This automated method can be deployed to multiple machines in the organization.'Configure Basic Remote DCOM Settings


'==================================================
' ENABLE Remote DCOM
' DCOM Authentication Level set as CONNECT
' DCOM Impersonation Level as IMPERSONATE

Set WSHShell = WScript.CreateObject("WScript.Shell")

'To Enable Remote DCOM in the computer
WshShell.RegWrite "HKLM\SOFTWARE\Microsoft\Ole\EnableDCOM","Y","REG_SZ"

'To Set Authentication Level to Connect
WshShell.RegWrite "HKLM\SOFTWARE\Microsoft\Ole\LegacyAuthenticationLevel",2,"REG_DWORD"

'To Set Impersonation level to Impersonate
WshShell.RegWrite "HKLM\SOFTWARE\Microsoft\Ole\LegacyImpersonationLevel",3,"REG_DWORD"


And that's it, problem solved...Well sometimes, if not...more troubleshoot.

Hope that helps