It's fun and you will learn a lot
Being a big tech geek, I hate when my Windows machine isn’t working flawlessly. I figure if I can’t get my computer working perfectly, then what kind of tech person am I? Obviously, trying to get everything to work perfectly means spending a lot of time fixing issues that probably don’t cause any major issues with my system.
However, it’s still fun and you get to learn a lot. In this article, I’m talking about fixing the error that shows up in Event Viewer related to DistributedCOM. I noticed I had no other errors in my System log other than a few every day with an Event ID of 10016. The basic error message was the same:
The application-specific permission settings do not grant Local Activation permission for the COM Server application
It also listed out a CLSID, an APPID, an SID and something about modifying permissions using Component Services.
After reading through some dense forum posts, I was able to fix this error so that it no longer appeared in the Event Viewer. It’s quite a process, so make sure you have an hour or two to spare before you start.
Step 1 – Check the Process
The first thing we have to do is figure out which process or service is associated with the CLASS ID listed in the error. To do this, go ahead and copy the CLSID listed in the event description. In my case, it started with {D63B10C5. Make sure to copy both the curly braces also.
Now you need to open the registry editor by clicking on start and typing in regedit. When you have the registry editor opened, click on Edit and then Find. Go ahead and paste the CLSID into the search box and press Enter.
After some time, you should get a result under the HK_CLASSES_ROOT\CLSID key. On the right-hand side, it should have two keys and the Default one should list out the name of the service. In my case and probably yours also, it should be RuntimeBroker.
The AppID should also match what is listed in the error message. Next, we have to run a script so that we can make changes to the permissions in Component Services for this service.
Step 2 – Run PowerShell Script
To fix this problem, we have to edit some permissions in Component Services for RuntimeBroker, but before we can do that we have to run a script that will allow us to make those changes.
To run PowerShell as an Administrator, you need to click on Start, type in powershell and then right-click on the result and choose Run as administrator.
Now go ahead and download the text file linked here and copy all the code and paste it into the PowerShell window (if you just right-click in the PowerShell window, it will paste whatever is in the clipboard). Then just press Enter and you should see the word Done printed out.
Step 3 – Open Component Services
You can open Component Services just like you opened PowerShell in Step 2. Click on Start and type in component services. You don’t have to run this program as administrator. Once there, navigate to the following location:
Component Services - Computers - My Computer - DCOM Config
Scroll down until you find Runtime Broker. In my case, there were two of them! How do you know which one is the listed in the error?
Right-click on each of them and choose Properties. On the General tab, you’ll see Application ID, which should match the AppID from the error message. If you are getting errors in Event Viewer with an ID of 10016 and more than one CLSID, then it could be that both RuntimeBrokers need to be fixed. In my case, I only had to fix one.
Step 4 – Correct Permissions
Lastly, we need to modify the permissions. While in the RuntimeBroker properties window, click on the Security tab.
The Edit button under Launch and Activation Permissions should be clickable. If it’s greyed out, the PowerShell script didn’t run properly. When you click on edit, you might see a popup dialog warning you about unrecognized permissions.
Here you DO NOT WANT to click on Remove. Simply click on the Cancel button. Now you’ll see a list of default accounts and you might also see an Account Unknown listed.
You want to make sure you leave the Account Unknown as is. Do not remove it. At this point, you should be left with ALL APPLICATION PACKAGES and SELF. Now we have to add two accounts. Click Add and type in System and then click on Check Names. Click OK and it will add that account to the list.
Click Add again and this time type in Local Service and follow the same steps.
Once both have been added, click on them one at a time and select the Local Launch and Local Activation checkboxes under Allow. That’s about it! Now go ahead and restart your computer and you should no longer see that error appear in the Event View logs. Enjoy!