Why do I have to manually add Local Activation permission for a domain account even if it's a member of the local Administrators group?

0

A SQL Server 2012 agent job was failing with:

The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {...} and APPID {...} to the user MYDOMAIN\me SID (...) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

But when I looked in Component Services -> Computer -> My Computer -> DCOM Config -> (APPID above), I found that the local Administrators group already had "Local Activation" permission. I confirmed that my domain user account was a member of local group Administrators.

Nevertheless, to run the job, I had to manually add myself and give myself "Local Activation" authorization. Why is this?

jordanpg

Posted 2014-04-02T21:13:19.500

Reputation: 101

Answers

0

I've had this issue before!

Here is how I fixed it:

So the issue was due to the fact that the NT Service\SQL Server Distributed Replay Client user did not have local activation permissions in the Component Services dialog. The original error message clearly stated that I needed to give local activation permissions to the SQL Server Distributed Replay Client, but it seems that I gave permissions to SQL Server Distributed Replay CONTROLLER instead.

See Component Services Error Log - SQL Server Distributed Replay Client for my original post. Not totally sure if this question is a duplicate or not.

SQL Server Distributed Replay Controller in DCOM

Richie086

Posted 2014-04-02T21:13:19.500

Reputation: 4 299

Thanks for the answer. I don't think this is the same thing. The error message was about me (user MYDOMAIN\me), not a service account. Adding myself to the ACL fixed the problem, but I'm trying to understand why that was needed in addition to the Administrators group. – jordanpg – 2014-04-03T12:11:08.257