Monthly Archives: July 2013

Production deployment Issues when ASP.Net Web Application access COM+ component

Posted on by
2

Earlier last month we developed one project in which we had to use Office Excel COM+ component to save documents into .mht formats after manipulating them which finally displays on the browser window. It was the web application and everything was running fine at the development machine.

SYMPTOMS

The project got approved and when we deployed on the production server we came across several exceptions pertaining of accessing Office COM component on server.

Event ID: 10016

Event Source: DCOM

Description: The application permission settings do not grant Local Launch permission for the COM Server application This security permission can be modified using the Component Services administrative tool.

CAUSE

User does not have required permission to start COM component.

RESOLUTION

I tried searching on google and then find this useful link which solves my problem i.e. http://support.microsoft.com/kb/899965

Below steps taken from the above URL

Grant the user permissions to start the COM component

Grant the user permissions to start the COM component. To do this, follow these steps:

  • Click Start, click Run, type regedit in the Open box, and then click OK.
  • Locate and then click the following registry subkey:

    HKEY_CLASSES_ROOT\CLSID\CLSID value

    Note In this subkey, “CLSID value” is a placeholder for the CLSID information that appears in the message.

  • In the right pane, double-click AppID.

    The Edit String dialog box appears. Leave this dialog box open and continue to the next step.

  • Click Start, click Run, type dcomcnfg in the Open box, and then click OK.

    If a Windows Security Alert message prompts you to keep blocking the Microsoft Management Console program, click to unblock the program.

  • In Component Services, double-click Component Services, double-click Computers, double-click My Computer, and then click DCOM Config.
  • In the details pane, locate the program by using the friendly name.

    If the AppGUID identifier is listed instead of the friendly name, locate the program by using this identifier.

  • Right-click the program, and then click Properties.
  • Click the Security tab.
  • In the Launch and Activation Permissions area, click Customize, and then click Edit.
  • Click Add, type the user’s account name, and then click OK.
  • While the user is selected, click to select the Allow check boxes for the following items:
    • Local Launch
    • Remote Launch
    • Local Activation
    • Remote Activation
  • Click OK two times.
  • Quit Registry Editor.

Grant the correct permissions to the Network Service account

To grant the correct permissions to the Network Service account, follow these steps:

  • Click Start, click Run, type dcomcnfg in the Open box, and then click OK.
  • In Component Services, double-click Component Services, and then double-click Computers.
  • Right-click My Computer, and then click Properties.
  • Click the COM Security tab.
  • In the Launch and Activation Permissions area, click Edit Default.
  • Click Add, type Network Service, and then click OK.
  • While Network Service is selected, click to select the Allow check boxes for the following items:
    • Local Launch
    • Remote Launch
    • Local Activation
    • Remote Activation

    Click OK two times.

After this, I tested the application deployed on production and it works. Few days later client reported that I am unable to view documents on my browser and sometimes it work sometimes not. She was using IE 10. Initially I was thinking that maybe it’s due to IE 10 as the application is running smoothly at my end and I had IE 9. But later on when I debugged the error I came to know that it’s again related to some security permissions of COM component.

Exception:
Sys.WebForms.PageRequestManagerServerErrorException: Retrieving the COM class factory for component with CLSID {00024500-0000-0000-C000-000000000046} failed due to the following error: 8000401a The server process could not be started because the configured identity is incorrect. Check the username and password. (Exception from HRESULT: 0x8000401A).

After doing some search, I found the resolution which fixed my problem. Following are the symptoms, cause and resolution taken from http://support.microsoft.com/kb/305761

SYMPTOMS

This error occurs when no user is interactively login to the server and if you start COM+ from remote client or terminal the application fails.

Actually I used to connect to my server hosted in US through VPN connection. And the reason it worked sometimes was that I already logged in interactively to the server. And when I’m not, client faced error.

CAUSE

This problem occurs because the default identity is set as Interactive user.

RESOLUTION

In order to resolve this problem I changed the Excel Application identity account from Interactive to local Administrator account.

Steps

  1. Open Component Services
  2. Select COM+ component (in my case it was Excel Application) and click Properties
  3. Go to Identity tab
  4. Select Custom Account
    1. Specify Username and password that have permissions to start the COM+ component.

Hence, this solved my problem.