SharePoint 2013: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID 05D1D5D8-18D1-4B83-85ED-A0F99D53C885

Problem

You see the following in a farm server's System log:

Log Name:      System
Source:        Microsoft-Windows-DistributedCOM
Date:          [date/time]
Event ID:      10016
Task Category: None
Level:         Error
Keywords:      Classic
User:          SYSTEM
Computer:      [FarmServer]
Description:
The application-specific permission settings do not grant Local Launch 
permission for the COM Server application with CLSID 
{05D1D5D8-18D1-4B83-85ED-A0F99D53C885}
 and APPID 
{AD65A69D-3831-40D7-9629-9B0B50A93843}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost 
(Using LRPC) running in the application container Unavailable SID 
(Unavailable). This security permission can be modified using the Component 
Services administrative tool.
Event Xml:
...

Reviewing the event log, you find the error recurring several times a month at various times, but with no immediately evident pattern.

This issue involves the SMS Agent Host application.  You can find this association by launching regedit, and then searching for the AppID in the registry.  From my experience, this issue has not appeared to involve any immediately identifiable problems and so I have ignored it.  If there are subtler issues here, I have not observed them yet.

There is one, perhaps two, solutions to this issue.  The first involves straightforwardly granting application-specific Local Launch permission to the SYSTEM account.  The second involves adding the SYSTEM account to the Distributed COM Users group.  The first method appears to be the one most widely posted.  The second one I found a posting on and tried out, but found that it failed to resolve the problem.

Solution 1: Grant application-specific local launch permission to the SYSTEM account

1. Login to the target machine using an administrator account.
2. Launch the Component Services tool.
3. In the navigation panel, at left, expand: Console Root > Component Services > Computers > My Computer > DCOM Config.
4. Scroll down to SMS Agent Host.
5. Right-click and choose Properties.
6. Select the Security tab.
7. In the Launch and Activation Permissions group, click the Edit button.
8. If the SYSTEM account is not listed, add it.
9. Select the SYSTEM account and then check Allow for all permissions
   
   
10. CLick OK and OK again.

Solution 2: Add SYSTEM account to Distributed COM Users group

1. Launch Computer Management as an administrator.
2. In the left navigation panel, expand the tree under Computer Management to Local Users and Groups \ Groups.
3. Select Distributed COM Users. 
   
4. Double-click Distributed COM Users.
5. Click the Add button.
6. Click the Locations button.
7. Select the server name.
   
8. Click OK.
9. Click the Advanced button.
10. Click the Find Now button.
11. Scroll down and select SYSTEM, and then click OK.
    
12. Click OK again.

References

• Event ID 10021 and event ID 10016 occur after a site reset or after an SMS 2003 service pack installation on a site server running on Windows Server 2003 Service Pack 1 or Windows Server 2003 Service Pack 2
• SharePoint 2013: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID 000C101C-0000-0000-C000-000000000046
• Error 10016: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {000C101C-0000-0000-C000-000000000046}
• Error 10016: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {61738644-F196-11D0-9953-00C04FD919C1}
• SharePoint 2007: Resolving Error 10016
• Event 10016 may be logged in the System log on a computer that is running Windows XP Professional x64 Edition