INFO: Rights and Permissions Needed by the Identity Account of an MTS/COM+ Package

Article translations Article translations
Article ID: 276407 - View products that this article applies to.
Expand all | Collapse all


For a Microsoft Transaction Server (MTS) or COM+ package to function, the account that is used for the configured Identity must have certain user rights and NTFS permissions. If the account does not have sufficient rights or permissions, you may receive one or more of the following error messages:
"ActiveX component can't create object."
"The process cannot switch to the startup current directory D:\Winnt\system32\. Select OK to set current directory to D:\Winnt, or select Cancel to exit."
"The application failed to initialize properly (0xc0000022). Click OK to terminate the application."
"Out of memory"
Run-time error '429'. ActiveX component can't create object.
DCOM got error "Logon failure: the user has not been granted the requested logon type at this computer. " and was unable to logon .\test in order to run the server: {9E7AB7CE-6B96-4AA9-A62D-59589FA5C790}
Runtime Error '-2147467238 (8000401a)': Automation Error The server process could not be started because the configured identity is incorrect. Check the username and password.

More information

To enable MTS to function properly, verify that the configured Identity has at least Read access in the NTFS permissions for the following folders:
  • The folder in which the DLL is located.
  • The \Winnt folder.
  • The \Winnt\System32 folder.
  • The \Winnt\System32\Mts folder, for the MTS case.
  • The \Program Files\Common Files folder, and all files and subfolders.
Also verify that the configured Identity has the Advanced User Right to "Log on as a Batch Job". To view the User Rights assignment in Microsoft Windows NT 4.0, do the following:
  1. Open User Manager for the local computer.
  2. From the Policies menu, click User Rights.
  3. Click to select the Show advanced user rights check box.
  4. From the drop-down list box, select Log on as a batch job.
  5. Verify that the account in question appears in the list.
To view the User Rights assignment in Microsoft Windows 2000, do the following:
  1. From the Programs menu, click Administrative Tools, and then click Open Local Security Policy.
  2. Under Local Policies, select User Rights Assignment.
  3. In the right-hand pane, double-click Log on as a batch job.
  4. Verify that the account in question appears in the list.


Article ID: 276407 - Last Review: June 19, 2014 - Revision: 2.0
Applies to
  • Microsoft Transaction Services 2.0
  • Microsoft COM+ 1.0
kberrmsg kbinfo kbsysadmin KB276407
Retired KB Content Disclaimer
This article was written about products for which Microsoft no longer offers support. Therefore, this article is offered "as is" and will no longer be updated.

Give Feedback


Contact us for more help

Contact us for more help
Connect with Answer Desk for expert help.
Get more support from