PRB: COM+ Application Under Domain Account Fails Intermittently

Symptoms

If a COM+ application runs under a domain account, when you type the password, the application works initially and then fails suddenly with the following error message:

Event ID: 10004 Source: DCOM
DCOM got error "Logon failure: unknown user name or bad password." and was unable to logon .\UserName in order to run the server:
{1FD7A201-0823-479C-9A4B-2C6128585168}
The only way to get the application to work is to retype the password.

Cause

This problem occurs because the Log on as a batch job privilege is not set for the identity of the COM+ package. When you set a user as the COM+ identity, COM+ adds this privilege for you.

However, if the user is a domain account, and if that user does not have the Log on as a batch job privilege set in a Group Policy Object (GPO) when the Active Directory performs an update, the identity of the COM+ package is reset, and the permission is removed.

If you retype the password, COM+ will add the Log on as a batch job privilege again for the local computer.

Resolution

To resolve this problem, give the domain account the Log on as a batch job privilege in the Group Policy Object in the Domain Controller.

Status

This behavior is by design.
Proprietăți

ID articol: 312497 - Ultima examinare: 24 mar. 2009 - Revizie: 1

Feedback