Problem
The error below is logged in the Enterprise Vault (EV) event logs while attempting to open shortcuts via Outlook or Outlook Web Access (OWA). This usually occurs when a request is sent between two different EV servers. Ie, Archive task sends a request to the storage service on a different server
Error Message
Type: Error
Date: 10/13/2014
Time: 1:31:52 PM
Event: 29014
Source: Enterprise Vault
Category: Web Application (WP)
User: N/A
Computer: EV1
Description:
Storage DCOM error.
Reason: Access is denied. (0x80070005)
Reference: Get storage object: Computer name [EV3], Context [VaultID: 18D8679803E8FE94FB0C426087BD79EFA1110000EVSITE1]
V-437-29014
A Dtrace of W3WP will show the following below. Notice the server names in the event above are EV1 and EV3. The dtrace shows the connection attempt to EV3 which is the storage server.
1637914 11:05:25.124 [19356] (w3wp) <7480> EV:L {VAULTCOCREATEINSTANCEEX.EN_US} Attempt [1] to create COM object failed. CLSID [{F019A230-FF92-11D1-8C20-0000F87502DE}] Server Name [EV3] Elapsed [0.018s] Result [Access is denied. (0x80070005)]
1637924 11:05:25.327 [19356] (w3wp) <7480> EV:L STAWaitForMultipleObjectsEx: Leaving wait state with result: 258
1637925 11:05:25.327 [19356] (w3wp) <7480> EV:L CHostNameHelper: IsLocalMachineExtendedCheck returned [False] for server [EV3].
1637926 11:05:25.327 [19356] (w3wp) <7480> EV:L {VAULTCOCREATEINSTANCEEX.EN_US} Attempt [2] to create COM object failed. CLSID [{F019A230-FF92-11D1-8C20-0000F87502DE}] Server Name [10.10.10.1] Elapsed [0.010s] Result [Access is denied. (0x80070005)]
1637956 11:05:25.733 [19356] (w3wp) <7480> EV:L STAWaitForMultipleObjectsEx: Leaving wait state with result: 258
1637962 11:05:25.733 [19356] (w3wp) <7480> EV:L {VAULTCOCREATEINSTANCEEX.EN_US} Attempt [3] to create COM object failed. CLSID [{F019A230-FF92-11D1-8C20-0000F87502DE}] Server Name [10.10.10.1] Elapsed [0.010s] Result [Access is denied. (0x80070005)]
1638067 11:05:26.343 [19356] (w3wp) <7480> EV:L STAWaitForMultipleObjectsEx: Leaving wait state with result: 258
1638068 11:05:26.343 [19356] (w3wp) <7480> EV:L {VAULTCOCREATEINSTANCEEX.EN_US} Attempt [4] to create COM object failed. CLSID [{F019A230-FF92-11D1-8C20-0000F87502DE}] Server Name [10.10.10.1] Elapsed [0.010s] Result [Access is denied. (0x80070005)]
1638115 11:05:27.155 [19356] (w3wp) <7480> EV:L STAWaitForMultipleObjectsEx: Leaving wait state with result: 258
1638116 11:05:27.155 [19356] (w3wp) <7480> EV:L {VAULTCOCREATEINSTANCEEX.EN_US} Attempt [5] to create COM object failed. CLSID [{F019A230-FF92-11D1-8C20-0000F87502DE}] Server Name [10.10.10.1] Elapsed [0.009s] Result [Access is denied. (0x80070005)]
1638241 11:05:28.155 [19356] (w3wp) <7480> EV:L STAWaitForMultipleObjectsEx: Leaving wait state with result: 258
1638242 11:05:28.155 [19356] (w3wp) <7480> EV:H {VAULTCOCREATEINSTANCEEX.EN_US} CLSID [{F019A230-FF92-11D1-8C20-0000F87502DE}] Server Name [EV3] Used Server Name [10.10.10.1] Num of attempts [6] Total elapsed [3.040s] Result [Access is denied. (0x80070005)]
1638243 11:05:28.155 [19356] (w3wp) <7480> EV~E Event ID: 29014 Storage DCOM error. |Reason: Access is denied. (0x80070005) |Reference: Get storage object: Computer name [EV3], Context [VaultID: 1A0ACDE5887E527459AA4C1B0B4DD5DC21110000EVSITE1] |
1638244 11:05:28.296 [19356] (w3wp) <7480> EV:H {GETSTORAGEOBJECT.EN_US} Status: [Access is denied. (0x80070005)]
1638245 11:05:28.296 [19356] (w3wp) <7480> EV:H {CAutoStorageOnline::CreateStorageOnlineByComputerName} Status: [Access is denied. (0x80070005)]
1638246 11:05:28.296 [19356] (w3wp) <7480> EV:H {CAutoStorageOnline::CreateStorageOnlineByVaultId} (Exit) Status: [Exception]
1638247 11:05:28.296 [19356] (w3wp) <7480> EV:H {CAutoStorageOnline::GetOnlineAttachmentFileSize2:#999} _com_error exception: [Access is denied. (0x80070005)]
1638248 11:05:28.296 [19356] (w3wp) <7480> EV:H {CAutoStorageOnline::GetOnlineAttachmentFileSize2} (Exit) Status: [Access is denied. (0x80070005)]
Cause
This occurs when DCOM restrictions are applied to the servers via Local Security Policy.
DCOM: Machine Access Restrictions in Security Descriptor Definition (SDDL) syntax
DCOM: Machine Launch Restrictions in Security Descriptor Definition (SDDL) syntax
and the registry keys:
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\windows NT\dcom\machineaccessrestriction
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\windows NT\dcom\machinelaunchrestriction
Solution
These policies can be applied manually or via Group Policy and must be removed to allow cross communication between the two EV servers.
The Local Policies should be set to 'Not Defined' and the registry keys removed.
Was this content helpful?
Translated Content
Please note that this document is a translation from English, and may have been machine-translated. It is possible that updates have been made to the original version after this document was translated and published. Veritas does not guarantee the accuracy regarding the completeness of the translation. You may also refer to the English Version of this knowledge base article for up-to-date information.