COM Security Policy Configuration
Applies To: Windows Server 2008 R2
COM+ applications use Microsoft Component Object Model (COM) technology in Microsoft Windows operating systems to communicate and take advantage of Windows services. COM technologies include COM+, DCOM, and ActiveX Controls.
An administrator can use the Component Services administrative tool to control the COM + application security policy through configurable settings that are located on the Security tab of the application's properties sheet.
Events
| Event ID | Source | Message |
|---|---|---|
Microsoft-Windows-DistributedCOM |
Access was denied during the attempt to start a DCOM server. The server is: %1 . The user is %2/%3, SID=%4. |
|
Microsoft-Windows-DistributedCOM |
Access was denied during the attempt to start a DCOM server by using DefaultLaunchPermssion. The server is: %1 . The user is %2/%3, SID=%4. |
|
Microsoft-Windows-DistributedCOM |
DCOM received error "%1" and could not log on %2\%3 in order to run the server: %4 |
|
Microsoft-Windows-DistributedCOM |
The computer-wide limit settings do not grant %1 %2 permission for the COM Server application with CLSID %3 to the user %4\%5 SID (%6) from address %7. This security permission can be modified using the Component Services snap-in. |
|
Microsoft-Windows-DistributedCOM |
The %1 permission settings do not grant %2 %3 permission for the COM Server application with CLSID %4 to the user %5\%6 SID (%7) from address %8. This security permission can be modified using the Component Services snap-in. |
|
Microsoft-Windows-DistributedCOM |
The %1 permission settings do not grant %2 access permission to the COM Server application %3 to the user %4\%5 SID (%6) from address %7. This security permission can be modified using the Component Services snap-in. | |
Microsoft-Windows-DistributedCOM |
The application-specific permission settings do not grant %1 access permission to the COM Server application %2 to the user %3\%4 SID (%5) from address %6. The application set this security permission programmatically. To modify this security permission contact the application vendor. | |
Microsoft-Windows-DistributedCOM |
The computer-wide limit settings do not grant %1 access permission to the COM Server application %2 to the user %3\%4 SID (%5) from address %6. This security permission can be modified using the Component Services snap-in. | |
Microsoft-Windows-DistributedCOM |
The computer-wide %1 %2 security descriptor is invalid. It contains Access Control Entries with permissions that are invalid. The requested action was therefore not performed. This security permission can be corrected using the Component Services snap-in. | |
Microsoft-Windows-DistributedCOM |
The launch and activation security descriptor for the COM Server application with CLSID %1 is invalid. It contains Access Control Entries with permissions that are invalid. The requested action was therefore not performed. This security permission can be corrected using the Component Services snap-in. |
|
Microsoft-Windows-DistributedCOM |
The %1 access security descriptor for the COM Server application %2 is invalid. It contains Access Control Entries with permissions that are invalid. The requested action was therefore not performed. This security permission can be corrected using the Component Services snap-in. | |
Microsoft-Windows-DistributedCOM |
The application-specific access security descriptor for the COM Server application %1 is invalid. It contains Access Control Entries with permissions that are invalid. The requested action was therefore not performed. The application set this security permission programmatically. To modify this security permission contact the application vendor. | |
Microsoft-Windows-DistributedCOM |
The computer-wide group policy %1 Limits security descriptor is invalid. The security descriptor is defined as an invalid Security Descriptor Definitions Language (SDDL) string. The requested action was therefore not performed. Please contact your administrator to correct the security descriptor in the Group Policy settings. | |
Microsoft-Windows-DistributedCOM |
The computer-wide limit settings do not grant %1 %2 permission for COM Server applications to the user %3\%4 SID (%5) from address %6. This security permission can be modified using the Component Services snap-in. | |
Microsoft-Windows-COMRuntime |
The computer-wide limit settings do not grant %1 %2 permission for the COM Server application with CLSID %3 to the user %4\%5 SID (%6) from address %7. This security permission can be modified using the Component Services snap-in. |
|
Microsoft-Windows-COMRuntime |
The %1 permission settings do not grant %2 %3 permission for the COM Server application with CLSID %4 to the user %5\%6 SID (%7) from address %8. This security permission can be modified by using the Component Services snap-in. |
|
Microsoft-Windows-COMRuntime |
The %1 permission settings do not grant %2 access permission to the COM Server application %3 to the user %4\%5 SID (%6) from address %7. This security permission can be modified by using the Component Services snap-in. | |
Microsoft-Windows-COMRuntime |
The application-specific permission settings do not grant %1 access permission to the COM Server application %2 to the user %3\%4 SID (%5) from address %6. The application set this security permission programmatically. To modify this security permission, contact the application vendor. | |
Microsoft-Windows-COMRuntime |
The computer-wide limit settings do not grant %1 access permission to the COM Server application %2 to the user %3\%4 SID (%5) from address %6. This security permission can be modified by using the Component Services snap-in. | |
Microsoft-Windows-COMRuntime |
The computer-wide %1 %2 security descriptor is not valid. It contains access control entries with permissions that are not valid. The requested action was therefore not performed. This security permission can be corrected by using the Component Services snap-in. | |
Microsoft-Windows-COMRuntime |
The launch and activation security descriptor for the COM Server application with CLSID %1 is not valid. It contains access control entries that have permissions that are not valid. The requested action was therefore not performed. This security permission can be corrected by using the Component Services snap-in. |
|
Microsoft-Windows-COMRuntime |
The %1 access security descriptor for the COM Server application %2 is not valid. It contains access control entries that have permissions that are not valid. The requested action was therefore not performed. This security permission can be corrected by using the Component Services snap-in. | |
Microsoft-Windows-COMRuntime |
The application-specific access security descriptor for the COM Server application %1 is invalid. It contains Access Control Entries with permissions that are invalid. The requested action was therefore not performed. The application set this security permission programmatically. To modify this security permission contact the application vendor. | |
Microsoft-Windows-COMRuntime |
The machine wide group policy %1 Limits security descriptor is not valid. The security descriptor is defined as a not valid Security Descriptor Definitions Language (SDDL) string. The requested action was therefore not performed. To correct the security descriptor in the Group Policy settings, contact your administrator. | |
Microsoft-Windows-COMRuntime |
The computer-wide limit settings do not grant %1 %2 permission for COM Server applications to the user %3\%4 SID (%5) from address %6. This security permission can be modified by using the Component Services snap-in. |