Re: Dire problem

Tech Tip: Click here to run a free scan for Windows Errors and optimize PC performance

Ace Fekay [MVP] wrote: 
In news:uY$nNuqFGHA.1180@xxxxxxxxxxxxxxxxxxxx,
Brian Sands <Brian8568@xxxxxxxxx> stated, which I commented on below:
Ace Fekay [MVP] wrote: 
Systems that have changed the default Access Control List permissions on the
%windir%\registration directory may experience various problems after you
install the Microsoft Security Bulletin MS05-051 for COM+ and MS DTC
http://support.microsoft.com/kb/909444


This does not appear to be the case.

> For specific info, see:
http://blogs.technet.com/steriley/archive/2005/11/08/414002.aspx
Also the 1655's aren't friendly either and may have snowballed from the above.
http://www.eventid.net/display.asp?eventid=1126&eventno=656&source=NTDS%20General&phase=1
EventID 1869:
http://www.eventid.net/display.asp?eventid=1869&eventno=2452&source=NTDS%20General&phase=1


The security settings look good.

Now NETLOGON won't start on boot:

Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7011
Date: 1/13/2006
Time: 4:55:59 PM
User: N/A
Computer: MYSERVER
Description:
Timeout (30000 milliseconds) waiting for a transaction response from the Netlogon service.

and these are new:

Event Type: Error
Event Source: DCOM
Event Category: None
Event ID: 10016
Date: 1/13/2006
Time: 4:54:59 PM
User: NT AUTHORITY\NETWORK SERVICE
Computer: HAL9000
Description:
The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
{A9E69610-B80D-11D0-B9B9-00A0C922E750}
to the user NT AUTHORITY\NETWORK SERVICE SID (S-1-5-20). This security permission can be modified using the Component Services administrative tool.

Event Type: Warning
Event Source: LSASRV
Event Category: SPNEGO (Negotiator)
Event ID: 40960
Date: 1/13/2006
Time: 4:54:54 PM
User: N/A
Computer: MYSERVER
Description:
The Security System detected an authentication error for the server DNS/hal9000.corp.ascotent.com. The failure code from authentication protocol Kerberos was "The specified user does not exist.
(0xc0000064)".

The only other thing I can think of is throw the cdrom in, and run setup selecting an 'upgrade' or if it says the service packs are different, then reboot with the cd and select to repair (not install new) the current installation. 

This would seem to be the only solution at present.

Thanks for your help,
Brian
.

Relevant Pages

  • Re: Dire problem
    ... >> various problems after you install the Microsoft Security Bulletin ... > Event Source: Service Control Manager ... > The application-specific permission settings do not grant Local Launch ...
    (microsoft.public.windows.server.active_directory)
  • RE: Lost permission tab
    ... Did you install this to an NTFS partition... ... permission over the different files and folders to the local users. ... The problem is that I no longer find the tab for set up the ... Security +, ...
    (Security-Basics)
  • Re: Error Code: 0x80242006
    ... What updates are you or Automatic Updates trying to install? ... TCP/IP has reached the security limit imposed on the number of concurrent ... The machine-default permission settings do not grant Local Activation ...
    (microsoft.public.windowsupdate)
  • Re: Mac Hack
    ... Win2k and XP security haven't been a big deal for me, ... up for permission whenever something tries to install. ...
    (comp.sys.mac.advocacy)
  • The Big Ol Ubuntu Security Resource
    ... but its default install has flaws. ... are the mods you need to make to protect your system. ... If you've recently switched from Windows to the Linux distribution Ubuntu, ... IT Security has prepared a guide to help you ...
    (microsoft.public.windowsxp.general)