question

ScottE-5202 avatar image
0 Votes"
ScottE-5202 asked JP777-7730 edited

Retrieving the COM class factory for remote component with CLSID {2B72133B-3F5B-4602-8952-803546CE3344} from machine [SERVERNAME] failed due to the following error: 80070005 [SERVERNAME]

We have added a Windows Server 2019 to our network to host websites. We have tooling that uses Microsoft.Web.Administration to manage IIS however it cannot connect to the new server. I have searched a lot and found people with similar problems but have not yet found any solution that works. Any help would be greatly appreciated.

We get the following error everytime our tools try to connect to the server:

Retrieving the COM class factory for remote component with CLSID {2B72133B-3F5B-4602-8952-803546CE3344} from machine [SERVERNAME] failed due to the following error: 80070005 [SERVERNAME].
at System.RuntimeTypeHandle.CreateInstance(RuntimeType type, Boolean publicOnly, Boolean noCheck, Boolean& canBeCached, RuntimeMethodHandleInternal& ctor, Boolean& bNeedSecurityCheck) at System.RuntimeType.CreateInstanceSlow(Boolean publicOnly, Boolean skipCheckThis, Boolean fillCache, StackCrawlMark& stackMark) at System.RuntimeType.CreateInstanceDefaultCtor(Boolean publicOnly, Boolean skipCheckThis, Boolean fillCache, StackCrawlMark& stackMark) at System.Activator.CreateInstance(Type type, Boolean nonPublic) at System.Activator.CreateInstance(Type type) at Microsoft.Web.Administration.ConfigurationManager.CreateAdminManager[TClass,TInterface](WebConfigurationMap webConfigMap, Boolean isAdminConfig, Boolean isRedirectionConfig) at Microsoft.Web.Administration.ConfigurationManager.CreateWritableAdminManager(WebConfigurationMap webConfigMap, String configPathToEdit, Boolean isAdminConfig, Boolean isRedirectionConfig) at Microsoft.Web.Administration.ConfigurationManager.CreateConfiguration(WebConfigurationMap configMap, String configPathToEdit, Boolean isAdminConfig, Boolean isRedirectionConfig) at Microsoft.Web.Administration.ConfigurationManager.GetConfiguration(String rawConfigurationPath, String cacheKey, Boolean isAdminConfig, Boolean isRedirectionConfig) at Microsoft.Web.Administration.ConfigurationManager.GetApplicationHostConfiguration() at Microsoft.Web.Administration.ServerManager.SitesSectionCreator() at Microsoft.Web.Administration.Lazy.Initialize[T](T& target, CreateInstanceDelegate`1 valueFactory) at Microsoft.Web.Administration.ServerManager.get_SitesSection() at Microsoft.Web.Administration.ServerManager.SitesCollectionCreator() at Microsoft.Web.Administration.Lazy.Initialize[T](T& target, CreateInstanceDelegate`1 valueFactory) at Microsoft.Web.Administration.ServerManager.get_Sites()

windows-serverwindows-server-iis
· 4
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

@ScottE-5202

We have tooling that uses Microsoft.Web.Administration to manage IIS however it cannot connect to the new server.

It is difficult to reproduce your problem based on your description, how did you manage IIS using Microsoft.Web.Administration?

0 Votes 0 ·

Web have some .NET Framework console apps and an internal website that all uses Microsoft.WebAdministration to help us manage our websites. Below I listed steps that can reproduce the issue:

Not including setting up the servers the below steps took me about 5-10 minutes
====== Steps to Reproduce ======
- Have at least 2 servers on the same network, running IIS.
- With Visual Studio create a .NET Framework console app
- Get the nuget package for "Microsoft.Web.Administration" version: 7.0.0 (not the latest version)
- **.NET Core verion of Microsoft.web.administration ServerManager.OpenRemote(...) does not work at all
- Copy the code from the next post into the new console app. The code will connect to the remote server and attempt to iterate and count the websites in IIS on the target server
- In the code set the correct server name that you are trying to connect to. Replace this: ENTER_TARGET_SERVER_NAME_HERE
- Build the app and copy it to the machine you will connect from
- Run the .exe

*Note: This works with no problems when connecting to Windows Server 2012 R2
*Note: This also connects to Windows Server 2016 as long as you have not installed "Security Update for Microsoft Windows KB5016622" This update when installed will produce the same error you will see when connecting to a Windows Server 2019

0 Votes 0 ·
     static void Main(string[] args)
     {
         string serverName = "ENTER_TARGET_SERVER_NAME_HERE";
         List<string> result = new List<string>();
         try
         {
             using (ServerManager iisManager = ServerManager.OpenRemote(serverName))
             {
                 foreach (Site site in iisManager.Sites)
                 {
                     Binding url = site.Bindings.FirstOrDefault();
                     result.Add(url.Host);
                 }
             }
         }
         catch (Exception err)
         {
             Console.WriteLine(err.Message + "\r\n" + err.StackTrace);
         }
         Console.WriteLine("Site Count: " + result.Count);
         Console.WriteLine("Execution Completed" );
         Console.ReadLine();
     }
0 Votes 0 ·

I started having the exact same problem after I updated and installed KB5017315 on Windows 2019 server.
Please let me know if anyone else is having this problem and any resolution to it.

0 Votes 0 ·
SamWu-MSFT avatar image
0 Votes"
SamWu-MSFT answered SamWu-MSFT commented

@ScottE-5202

It could be various reasons for this error, like permissions or misconfiguration of application pool, etc. Here, we have mentioned some settings that may help to fix your issue.

  1. Ensure that your application pool identity has the proper permission for the website root folder. Also, be sure about your application pool identity user(IIS Apppool\<app pool name>) before applying for permission. If the issue doesn't fix, you can go for the other options.

  2. You may be running on a windows server with 64 bit OS. try to enable 32-bit applications for the Application Pool. Go to Websites >Select the application pool your 32-bit application will run under > Click Advanced setting > Set Enable 32-bit Applications to True.

  3. Provide read/write permission to the website application pool identity to the C:\Windows\Temp folder.

Besides, if you need to remote administration the IIS, please ensure you have set the IIS management service correctly: delegating-iis-administration-to-domain-users-non-administrators.


If the answer is the right solution, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

· 2
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

After applying these suggestions i am still seeing the error in the original post

1: Permissions on website folders and the AppPool Identity are correct
2: We also already have 32 bit applications enabled
3: I added permissions to the temp folder but there was no change in observed behavior

We do not administer IIS on our servers from outside the network. Everything is inside the network. Microsoft.Web.Administration uses COM objects and I think DCOM to access the IIS configuration files to perform its tasks across the network. I still followed your 4th suggestion but that did not change the observed behavior either.

We configure all our servers the same way. Including opening up the firewall for "COM+ Network Access (DCOM-IN)"
The only difference is that this server is running Server 2019 and our others run Server 2012 R2 or Server 2016( without Windows Update KB5016622 - becuase this update produces the error in the original post after it is installed)

This make me think the issue has to be with a security change

0 Votes 0 ·

@ScottE-5202 Could you please open a support ticket for this? one of our engineers will help find the root cause.

0 Votes 0 ·
MotoX80 avatar image
0 Votes"
MotoX80 answered ScottE-5202 published

This make me think the issue has to be with a security change

Do you see any logon failures in the security eventlog on the destination server? And at the same time, do you see a successful logon for the app pool identity account when you try to connect?

Have you reviewed the dcomcnfg access permissions?

241952-image.png


If you run the code that you posted interactively with an account that has admin access on the target server, is it able to connect?




image.png (132.9 KiB)
· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Sorry i thought i had posted my reply 3 days ago.

Yes i do see a logon failure in Event Viewer security section but then above the error is a successful logon event. Both are for the same user that is an administrator. This is the only program running under that user so i know both the failed and success logon logged events were from the same instance. I reviewed the events but they dont look like they contain any helpful information. But i could paste them here if you think it is helpful.

Yes we have reviewed dcomcnfg. Admins have remote access (access for everything).

Yes the code i posted runs under an admin user.

0 Votes 0 ·