A while back one of my SMS servers started getting DCOM errors, it was consistent every couple of minutes there would 10 – 15 entries. Shorty there after another one of my SMS servers starting getting the errors. After a little investigation it was discovered that the launch and activation permissions for the SMS Agent Host component had been changed for one of the local IIS accounts – probably due to OS patching. The error that we were getting was:
The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {CLSID}
to the user <username>. This security permission can be modified using the Component Services administrative tool.
To resolve the issue I did the following:
• In the registry locate the CLSID that is being reported as having problems in the Event Viewer
• Make note of the application ID associated with the CLSID
• Open up the Components Services snap-in and navigate to Component Services / Computers / My Computer / DCOM Config
• Highlight DCOM Config and select the Details view
• On the Security tab locate the Launch and Activation Permissions, select Customize and then Edit
• Give the user account specified in the event log the appropriate permissions to the component
