User Logon Account Problems

Discussion in 'Security' started by Billdoe, Sep 23, 2011.

  1. Billdoe

    Billdoe

    Joined:
    Sep 23, 2011
    Messages:
    5
    Likes Received:
    0
    Location:
    Still at Large
    Hello everyone,

    I have a problem logging on, with my user accounts, on a HP6230 vista home premium computer.
    The problem occurs after I create a new user account, and then try to logon, and I recieve the following error message:

    ===============================================================
    The User profile service - service, failed the login.
    --------------------------------------------------------------------------------------------------
    The user profile cannot be loaded
    ----------------------------------------------------------------------

    ===============================================================

    I believe the problem is caused by a security issue with the permission levels ... assigned to the Hidden - Admin User Account.

    This is because around the same time, my computor had 2 services stopp], namely the Distributed Transaction Coorinator, and the KTMRM Distributed Transaction Coorinator. Furthermore, my computers defrag program started reporting that it couldn't complete defrag's, because of a file named SAINST, in the following file location:

    ================================================================
    C:\Users\Admin\Appdate\Local\Temp\SAINST
    --------------------------------------------------------------------------------------------------
    The defrag program, reported that the file was un-movable.
    ----------------------------------------------------------------------

    If any help or sugestions would be greatly appreciated.,

    Thanks, Billdoe
     
    Last edited: Sep 23, 2011
    Billdoe, Sep 23, 2011
    #1
    1. Advertisements

  2. Billdoe

    okayo0

    Joined:
    Aug 27, 2011
    Messages:
    40
    Likes Received:
    0
    Can you post a screenshot? I'm not exactly sure what you're talking about.
    Does some startup applications trigger the UAC and asks for your admin account + password?
     
    okayo0, Dec 27, 2011
    #2
    1. Advertisements

  3. Billdoe

    Billdoe

    Joined:
    Sep 23, 2011
    Messages:
    5
    Likes Received:
    0
    Location:
    Still at Large
    I have since traced the error in the event log, as follows:

    Source: : DCOM
    Description:
    The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D215781D-019E-4FA0-903D-0CDCDE13A4F5} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC).

    This security permission can be modified using the Component Services administrative tool.
     
    Billdoe, Jan 4, 2012
    #3
  4. Billdoe

    Billdoe

    Joined:
    Sep 23, 2011
    Messages:
    5
    Likes Received:
    0
    Location:
    Still at Large
    FIX Found

    ===========================================================
    Here is my short description of the "FIX" followed by Microsoft's long description:

    Event Type: Error
    Event Source: DCOM
    Event Category: None
    Event ID: 10016
    Date: 27-5-2011
    Time: 5:56:24
    User: NT AUTHORITY\LOCAL SERVICE
    Computer: HP6230
    Description:
    The machine-default permission settings do not grant Local Activation
    permission for the COM Server application with CLSID
    {D215781D-019E-4FA0-903D-0CDCDE13A4F5}
    to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19). This security
    permission can be modified using the Component Services administrative tool.
    -----------------------------------------------------------------------------------------------------

    1. Went into registry at:
    HKEY_CLASSES_ROOT\CLSID\
    {D215781D-019E-4FA0-903D-0CDCDE13A4F5}
    2. Copied the key:
    AppId:
    {D215781D-019E-4FA0-903D-0CDCDE13A4F5}
    To clipboard and pasted it into text editor so I can "safely view it".
    3. Started:
    Start->Run->dcomcnfg
    ComponentServices->DCOM Config
    Properties->On main menu changed view to detail
    4. Found match for:
    CLSID {D215781D-019E-4FA0-903D-0CDCDE13A4F5}
    ( CLSID = WinMgmt MOF Compiler OOP )
    5. Properties->Security->Launch and Activation Permissions->Custom->Add local activation for local service account.

    (looked into event viewer to see which account did not have the right permissions), account: local_service
    :)
     
    Last edited: Apr 13, 2012
    Billdoe, Apr 13, 2012
    #4
  5. Billdoe

    Billdoe

    Joined:
    Sep 23, 2011
    Messages:
    5
    Likes Received:
    0
    Location:
    Still at Large
    Could not post MicroSofts URL for long Fix.
     
    Billdoe, Apr 13, 2012
    #5
  6. Billdoe

    ClarkTNTien

    Joined:
    May 15, 2012
    Messages:
    46
    Likes Received:
    0
    Location:
    MYOB
    God, I ask you keep me save from making any wrong choice in life forever from now on! Well, according to my 10 or so years with defrag, I have a feeling one of your files might be corrupt. Once you restore the entire computer, things should run smoothly. I know it is a pain to restore it because you need the original discs and all, but it is necessary if you want everything back to factory 100% working state. If you are okay living with "maybees", then you can stick with your current system.
     
    ClarkTNTien, Sep 21, 2012
    #6
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.