Application specific permission settings cannot include CLSID – AD

Wrote an article last week "Application specific permission settings cannot include CLSID – SQL」,At that time, I saw it in the system event record on SQL Server,The permissions in question are in the role of SQLSERVERAGENT,There is no problem with the permissions of the server itself (SYSTEM 及 Administrator)。I saw the same message on the AD server today,This time, the server itself has insufficient permissions,Therefore, multiple steps are required to retrieve the permissions from regedit。


◎ Open "Component Service",In "DCOM Settings",Switch to "Details" view mode。。
◎ Find the APPID in the event record one by one,I, for one,Looking for "{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}“。。
◎ Finally, you can find the corresponding component "RuntimeBroker"。


◎ Right click on the component-"Content",Switch to the "Security" page。
◎ Here you can see that the buttons are all grayscale,Means we don't have permission。


◎ Executive Regedit,Search "{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}“。
◎ Right click on the machine code,Select "Use Rights"。


◎ After entering the permission setting screen,We ca n’t change the content yet,So first click "Advanced"。


◎ The default "owner" is”TrustedInstaller”,Ready to change it to manager。


◎ After changing to manager,Press OK,Return to the previous permission setting screen。


◎ Added "Full Control" permission for SYSTEM and administrators。


◎ Next,Go back to the "Component Services" window,Rearrange the picture(Or turn off and on),And enter the content of the element,At this point the button can be clicked。
◎ Click "Edit" in the "Activate and Enable Permission" item。


◎ If there is a "Windows Security" warning screen,Click "Remove"。


◎ Go to the permission setting screen,You can see that the roles of SYSTEM and manager are missing。


◎ Click "Add",Join SYSTEM and managers,
◎ and activate the "local" of the two characters、Change the permission of "Local Activation" to "Allow"。



This site uses Akismet to reduce spam. Learn how your comment data is processed.

Inline Feedbacks
View all comments