locked
NAP agent: critical events in SYSTEM eventlog RRS feed

  • Question

  • Hello.

    I develop integration our product with NAP and have some problem.

    When I start my SHA on host where NapAgent isn't running, then error event is published in EventLog

    Event Type: Error
    Event Source: DCOM
    Event Category: None
    Event ID: 10016
    Date: 25.11.2008
    Time: 17:07:13
    User: NT AUTHORITY\SYSTEM
    Computer: TL-VPSA
    Description:
    The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
    {24FF4FDC-1D9F-4195-8C79-0DA39248FF48}
    to the user NT AUTHORITY\SYSTEM SID (S-1-5-18).  This security permission can be modified using the Component Services administrative tool.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

    I found in registry that GUID - 24FF4FDC-1D9F-4195-8C79-0DA39248FF48 is connected with "Quarantine Private SHA Binding class"

    Anybody know what cat help?


    developer
    Tuesday, December 2, 2008 4:29 PM

Answers

  • Hi Baily,

    Thanks for responding. I will try to help. There might be some delay because of holidays here, but I will see if someone can answer this for you.

    I did find this article which might help: http://support.microsoft.com/kb/899965 but I am not a developer so this might not apply to your situation.

    -Greg
    Thursday, December 18, 2008 6:01 AM

All replies

  • Hi Baily,
      DO you able to solve this problem ? IF yes, how did you solve this  ? Under which user session you were running your SHA to bind into NAPAgent?

    Thanks
    -RamaSubbu SK


    Sorry! Microsoft doesn't own any liability & responsibility for any of my posting.
    Monday, December 8, 2008 5:56 PM
  • Hi Baily,

    Are you still having this problem?

    Thanks,
    -Greg
    Sunday, December 14, 2008 7:27 PM
  •  Hello!

    I don't solve this problem.  My SHA is running under Local System account as a service. Also I used in my code fragment from Microsoft NAP SHA sample -

    sd.InitializeFromThreadToken();
        sd.Allow("NETWORK_SERVICE", COM_RIGHTS_EXECUTE);
        hr = CoInitializeSecurity( sd,
                                   -1,
                                   NULL,
                                   NULL,
                                   RPC_C_AUTHN_LEVEL_PKT,
                                   RPC_C_IMP_LEVEL_IMPERSONATE,
                                   NULL,
                                   EOAC_NONE,
                                   NULL );
    developer
    Monday, December 15, 2008 11:04 AM
  • Hi Baily,

    Thanks for responding. I will try to help. There might be some delay because of holidays here, but I will see if someone can answer this for you.

    I did find this article which might help: http://support.microsoft.com/kb/899965 but I am not a developer so this might not apply to your situation.

    -Greg
    Thursday, December 18, 2008 6:01 AM
  • Hi,

    I'm just checking back in with you after the holidays. Did the article I provided in my last post help at all?

    -Greg

    Monday, January 5, 2009 6:45 PM
  • Hello!

    Our holidays was more long. Thanks for help, but I'm not read article from your post yet.  I'm planning to do this in Febraury, when I get time for work with NAP functionality
    developer
    Sunday, January 11, 2009 8:56 AM
  • Hi Baily,

    I'm going to mark the question as answered for now. Please let me know in February if you are still having problems.

    Thanks,
    -Greg
    Tuesday, January 20, 2009 1:19 AM
  • Hello!

    I checked. It is help. It was need to give rights to Microsoft NAP Agent from dcomcnfg.

    Thanks for help!
    developer
    Thursday, February 5, 2009 4:00 PM
  • Greg.

    I'm having the exact same problem on Windows Vista SP1.  I built an outofproc COM server to host my INapComponentInfo class so NapStat.exe can get localized strings.  I see Baily's error on Vista.  Curiously, this exact solution works fine on Windows Server 2008 (32 and 64 bit).  I checked out the article you posted. I had already been snooping around there. However, on Vista, The "Launch and Activation Permissions" section, (and all the properites for the NAP Agent Service, for that matter) are read-only.  I can grok that considering the service.  I would really love to avoid creating a service just to return localized strings...

    -Mark
    Wednesday, April 1, 2009 12:16 AM
  • For INapComponentInfo , NAPSTAT.exe directly call the comobject , you need to have permission for interactive users too.
    Sorry! Microsoft doesn't own any liability & responsibility for any of my posting.
    Wednesday, April 1, 2009 2:46 AM