In an attempt to clear my event log, I came across error event 10016 for {C2F03A33-21F5-47FA-B4BB-156362A2F239}:
The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
and APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
to the user NT AUTHORITY \ LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool
Normally I ignore error 10016 in my event viewer. But there were so many of them this time that I decided to correct the error messages anyway.
In this post, I explain how you can solve this problem. I attempt to describe this as easily as possible. All instructions are straightforward. Sometimes with a screenshot to clarify.
Introduction to resolve event 10016
In this guide, the only requirement is an Administrator account.
This is the high-level planning:
- Take ownership on the CLSID in the Registry Editor
- Set permissions on the CLSID in the Registry Editor
- Take ownership on the APPID in the Registry Editor
- Set permissions on the APPID in the Registry Editor
- Putting Launch and Activation Permissions into Component Services administrative tool (DCOM)
No worries if this is unclear. Follow the steps below and you’ll be fine 🙂
Step 1
Make sure you are logged in as an Administrator. To check if your account has Administrator rights,
- Press Start (Windows logo) ->
- Select your Account photo ->
- Select Change account settings.
- You will see Administrator under your name.
Step 2
Open the Event Viewer. Note the following things:
- Permissions: Local Activation
- CLSID: {C2F03A33-21F5-47FA-B4BB-156362A2F239}
- APPID: {316CDED5-E4AE-4B15-9113-7055D84DCC97}
- User: NT Authority \ Local Service
Are these the same for you? Fantastic! Just follow my steps!
Do you have other values? Then write them down and replace them in the steps below!
Step 3
Open your Registry Editor as an Administrator. To do so:
Step 4
In the Registry Editor, navigate to HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C2F03A33-21F5-47FA-B4BB-156362A2F239}
Did you notice another CLSID in step 2? Then replace {…} with your CLSID!
To make sure that you are in the right key in the Registry Editor, you can also compare the APPID. Like in this screenshot:
Also immediately write down the Application Name. In my case, that is Immersive Shell. You will need this Application Name in step 9. Do you have another application name printed? Record this.
Step 5
In the Registry Editor:
Step 6
In the window Permissions for {C2F03A33-21F5-47FA-B4BB-156362A2F239} :
- Click Administrators once (so that it is selected)
- Check the box Full Control – Allow
- Click Advanced
In the Advanced Security Settings window for {C2F03A33-21F5-47FA-B4BB-156362A2F239}
- Click on Change
- Type Administrators
- Click OK
- Click OK
- Click OK
Well done! You have now set the rights to the CLSID correctly.
In the next step, we will do the same for APPID
Step 7
In the Registry Editor, navigate to HKEY_LOCAL_MACHINE \ SOFTWARE \ Classes \ APPID \ {316CDED5-E4AE-4B15-9113-7055D84DCC97}.
In the window Permissions for {316CDED5-E4AE-4B15-9113-7055D84DCC97}
- Click Administrators once (so that it is selected)
- Check the box Full Control – Allow
- Click on Advanced
In the Advanced Security Settings window for {316CDED5-E4AE-4B15-9113-7055D84DCC97}
- Click Change
- Type Administrators
- Click OK
- Click OK
- Click OK
You have now also set the rights to the APPID correctly
In the following steps we will finish: we will set the correct permissions in the Component Services
Step 8
Open your Component Servies as an Administrator. To do so:
- Click Start (Windows logo)
- Type Component services
- Right-click Component Services
- Click Run as administrator
Step 9
In Component Services
- Navigate to Component Services -> Computers -> My computer -> DCOM Config
- Scroll down to Immersive Shell (as we noted in step 4. Was there another application name for you? Then look it up.)
- Right-click the Immersive Shell application name
- Click Properties
Step 10
In the Immersive Shell Properties window
- Click Customize under Launch and Activation Permissions.
- Click Edit
- In the Launch and Activation window, click Add.
- Type local service and click OK. (the name “local service” corresponds to the User we noted in step 2)
Step 11
Now that we have added Local Service:
- Select LOCAL SERVICE, check “Local Activation” (we also noted the Local Activation in step 2, as Permissions)
- Click OK
- Click OK again to close all windows
That should be it! Reboot your computer and see whether the errors return (or not, hopefully).
Is something unclear or do you run into something? Let me know in a comment! I would like to help you
Note 1
You may face a Windows Security message at step 10. if so, select Remove.
Sources:
https://support.microsoft.com/en-us/help/4022522/dcom-event-id-10016-is-logged-in-windows
https://www.itexperience.net/2018/12/02/event-id-10016-fix-the-application-specific-permission-settings-do-not-grant-local-activation-permission-for-the-com-server-application-with-clsid/
Thank you. For the great details
Thanks for the detailed instructions! I followed all the steps but still see the following message afterwards. Any suggestions? Thanks again!
===========================================================
Log Name: System
Source: Microsoft-Windows-DistributedCOM
Date: 5/8/2020 10:26:53 AM
Event ID: 10016
Task Category: None
Level: Warning
Keywords: Classic
User: A114\A-114
Computer: A114
Description:
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
and APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
to the user A114\A-114 SID (S-1-5-21-2622747839-1649908113-937840111-1000) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ShellExperienceHost_10.0.18362.449_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-155514346-2573954481-755741238-1654018636-1233331829-3075935687-2861478708). This security permission can be modified using the Component Services administrative tool.
I get unable to save permission changes when trying to set administrator full control. Using regeditor as admin.
i do not have CLSID in my HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\ … im lost mate
Listen man, I respect the effort, but you don’t ‘solve an issue’ just by granting all the permissions you can find that might allow it. Some things are -meant- to fail, and where there’s no functional impact, just leave it the hell alone.
Your solution here is akin to hearing a loud banging on the door, late at night, so you go and open the door wide open cos hey, who cares why the banging is happening, you just want it to stop so you can get back to sleep.
I guess I should clarify. The things you do when you grant your user account all these permissions to the registry and CLSID classes is basically to make your computer a humming invitation to the next ransomware or trojan dreamt up by a kid in a box in North Korea.
This fix didn’t work for me. Win 10 1903 version. 🙁 Event log full with this warning…
Me too. Win 10 2020