,Japan
This section describes the repair procedure for Event ID 10016.
The logs indicate that the Windows built-in account [LOCAL SERVICE] cannot access the DCOM component [ShellServiceHost].
The Microsoft official recommends ignoring DCOM errors as they signal the result of Windows operating as specified.
It seems that side effects may occur when repairing.
Well, the main subject.
I didn't want to see the error displayed in the Event Viewer so I tried to fix it.If you plan to use this article as a guide, understand the risks and do so at your own risk.
Please note that incorrect operation may prevent Windows from starting.
[Things necessary]
- Registry editor
- Component service
Event log
The event log is reprinted.* "ShellServiceHost" is not displayed in Event Viewer.
message | CLSID for application-specific permission settings {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} And APPID {4839 DDB7-58C2-48F5-8283-E1D1807D0D7D} Local activation permission for the COM server application on the application container Unavailable SID (not available) at address LocalHost (using LRPC) user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) I can not give it. This security permission can be changed using the Component Services Management Tool. |
Log name | system |
Source | DistributedCOM (DCOM) |
Event ID | 10016 |
level | error |
user | LOCAL SERVICE |
APPID | {4839 DDB7-58C2-48F5-8283-E1D1807D0D7D} |
APPID Name | ShellServiceHost |
Repair procedure
You should not make a mistake as you operate [registry editor> component service> registry editor] and 2 system tools alternately.The full picture of the restoration work is as follows.
- Change the owner of APPID in Registry Editor
- Set the changed owner's permissions to full control
- Start component service and add LOCAL SERVICE to APPID
- Revert the owner of APPID
- Restart your computer
1. Change the owner of APPID in Registry Editor
Registry operation is at your own risk
Before operating the registry editorMake a backup of the registry in case of unforeseen circumstances.
1.1 Start Registry Editor
Start the run, enter regedit for the name and click OK.
1.2 Search for APPID
Launch the registry editor search dialog.- Ctrl + F or Edit> Search
Enter {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} and click Find Next.
Search result (ShellServiceHost)
\HKEY _ CLASSES _ ROOT\AppID\{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
Administrator 1.3 owner from TrustedInstaller S to change
To change the owner of ShellServiceHost, the account (your account) logged in to the currently operating Windows must be an account with administrator privileges (an account belonging to Administrators).Select {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} and select [Right-click> Access Permissions].
In our environment, Administrators were registered to a group or user name, but the access permission was set to [Read].
As a trial, check the Full Control and click OK to return an error, so change the owner.
When you click [Advanced] and check the owner on the transition screen, it became TrustedInstaller.
Click Change.
Click [Change] to go to the [Select User or Group] screen. Click [Advanced].
When you click [Search], Administrators will be listed in the search results. Select it and click OK.
Let's choose the one with s at the end.
Enter the object to be selected. Confirm that PCName\Administrators has been added, click OK, and click OK on the transition screen.
2. Change Administrators permissions to full control
- Select Administrators of group name or user name
- Under the window permissions below, check Full Control 許可 Permissions and click OK
3. Start component service and add LOCAL SERVICE to APPID
In this procedure, APPID points to ShellServiceHost.
3.1 Start Component Services
Start Menu> Windows Management Tools> Component Services
To start a component service:
Start the execution with a file name, enter dcomcnfg for the name, and select OK.
Or
It will transition to [Start Menu> Windows Management Tools> Component Services].
3.2 Search for application ID
APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} is visually searched from the “Application ID” column displayed in the right pane when DCOM configuration is selected.There is no search function.
APPID Name | ShellServiceHost |
APPID | {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} |
Console root
Sakai Component Service
∨ computer
∨ My computer
構成DCOM configuration
|
3.3 Display Properties
ShellServiceHost> Right Click> Properties
After editing the registry, you can edit it by restarting the component service dcomcnfg.
3.4 Display edit screen
Security> Launch and Activation Permissions> Edit
3.5 Display Search Screen
Add> Advanced> Search
Click Search from the dialog that appears with Add> Advanced Settings.
Select LOCAL SERVICE from the search results and click OK .
3.6 Launch and Activation Permissions
Perform the following steps:- Point to LOCAL SERVICE and select it
- Check [☑ Activate from local] in the permission box and click OK
- Procedure end
4. Revert the owner of the APPID
After completing Step 3, start Registry Editor and return the owner of {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} to TrustedInstaller.See step 1.
Because TrustedInstaller does not appear when you search, enter directly in the box under Enter the object to select on the Select Users or Groups screen.
Click OK when finished .
Input value | NT SERVICE\TrustedInstaller |
5. Restart your computer
Restart your computer and check the event viewer.The procedure is successful if no errors are logged.
Summary
The one used to repair the ShellServiceHost.- Registry editor
- Component service
ExecTI (free software) allows you to directly edit ShellServiceHost.
Please read the related article for the repair procedure using ExecTI.
Document
Microsoft recommends ignoring DCOM errors. It seems that side effects may occur when repairing.Event ID 10016 for DCOM Is Logged on Windows
These 10016 events are logged when a Microsoft component tries to access a DCOM component without the required permissions. In this case, this behavior is as specified.
To
These events can be ignored because they are designed without adversely affecting functionality. This is the recommended action for these events.
To
Also, to avoid this problem, change the permissions of the DCOM component so that it does not log this error. However, we do not recommend these errors, as changing permissions may cause unexpected side effects without adversely affecting functionality.
support.microsoft.com
- DCOM Event ID 10016 Is Logged on Windows 10, Windows Server 2016 and Windows Server 2019 | support.microsoft.com
Link: External link
Verification: Windows 10 Pro Fall Creators Update, v1709
:SC2
このサイトを検索 | Search this site
0 コメント