Saturday, 14 April 2007

CRM, SharePoint and Dynamics

SYMPTOMS

One or more users can not logon to your site

You have an error in the event log with a source of Source DCOM – please note this is just a sample error and the CLSID unique to each server.

The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {61738644-F196-11D0-9953-00C04FD919C1} to the user NT AUTHORITY\NETWORK SERVICE SID (S-1-5-20). This security permission can be modified using the Component Services administrative tool.

When you explorer the DCOM you find it matches the IIS WAMREG Admin Service and the permissions are correct to start but still you have this error.

CAUSE

This can relate to NTLM permissions in IIS for that or even all sites stopping that application pool from starting correctly you can fix this by resetting the NTLM permissions on the IIS server and therefore the application pool as well.

FIX

Start a command prompt.

Locate and then change to the directory that contains the Adsutil.vbs
file. By default, this directory is C:\Inetpub\Adminscripts.

Type the following command, and then press ENTER:

cscript adsutil.vbs set w3svc/NTAuthenticationProviders "NTLM"

To verify that the NtAuthenticationProviders metabase property is set to NTLM, type the following command, and then press ENTER:

cscript adsutil.vbs get w3svc/NTAuthenticationProviders

The following text should be returned:

NTAuthenticationProviders : (STRING) "NTLM"

Now clear your event log and restart your server when it starts up you should have a clean event log.

No comments: