Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2288
Views
0
Helpful
0
Replies

DCOM errors in Domain Controller

peter.atea
Level 1
Level 1

‎07-04-2016 05:42 AM - edited ‎03-12-2019 06:03 AM

Hi!

We got a lot of these Errors in the Event viewer on a customer's Domain Controller that has the Cisco Firepower User Agent installed.

I can't find any information why these ends up in the System log, any ideas how we fix it?

Log Name:      System
Source:        Microsoft-Windows-DistributedCOM
Date:          2016-07-04 14:03:05
Event ID:      10028
Task Category: None
Level:         Error
Keywords:      Classic
User:          SYSTEM
Computer:      SRV0006.domain.se
Description:
DCOM was unable to communicate with the computer 10.10.10.35 using any of the configured protocols; requested by PID      728 (C:\Program Files (x86)\Cisco Systems, Inc\Cisco Firepower User Agent for Active Directory\AgentService.exe).
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="Microsoft-Windows-DistributedCOM" Guid="{1B562E86-B7AA-4131-BADC-B6F3A001407E}" EventSourceName="DCOM" />
    <EventID Qualifiers="0">10028</EventID>
    <Version>0</Version>
    <Level>2</Level>
    <Task>0</Task>
    <Opcode>0</Opcode>
    <Keywords>0x8080000000000000</Keywords>
    <TimeCreated SystemTime="2016-07-04T12:03:05.774052800Z" />
    <EventRecordID>1770964</EventRecordID>
    <Correlation />
    <Execution ProcessID="716" ThreadID="9808" />
    <Channel>System</Channel>
    <Computer>SRV0006.domain.se</Computer>
    <Security UserID="S-1-5-18" />
  </System>
  <EventData>
    <Data Name="param1">10.10.10.35</Data>
    <Data Name="param2">     728</Data>
    <Data Name="param3">C:\Program Files (x86)\Cisco Systems, Inc\Cisco Firepower User Agent for Active Directory\AgentService.exe</Data>
    <Binary>3C5265636F726423313A20436F6D70757465723D286E756C6C293B5069643D3731363B372F342F323031362031323A333A353A3737343B5374617475733D313732323B47656E636F6D703D323B4465746C6F633D313731303B466C6167733D303B506172616D733D313B7B506172616D23303A307D3E3C5265636F726423323A20436F6D70757465723D286E756C6C293B5069643D3731363B372F342F323031362031323A333A353A3737343B5374617475733D313732323B47656E636F6D703D31383B4465746C6F633D313434323B466C6167733D303B506172616D733D313B7B506172616D23303A31302E31312E35302E33357D3E3C5265636F726423333A20436F6D70757465723D286E756C6C293B5069643D3731363B372F342F323031362031323A333A353A3737343B5374617475733D313732323B47656E636F6D703D31383B4465746C6F633D3332333B466C6167733D303B506172616D733D303B3E3C5265636F726423343A20436F6D70757465723D286E756C6C293B5069643D3731363B372F342F323031362031323A333A353A3737343B5374617475733D313233373B47656E636F6D703D31383B4465746C6F633D3331333B466C6167733D303B506172616D733D303B3E3C5265636F726423353A20436F6D70757465723D286E756C6C293B5069643D3731363B372F342F323031362031323A333A353A3737343B5374617475733D31303036303B47656E636F6D703D31383B4465746C6F633D3331313B466C6167733D303B506172616D733D333B7B506172616D23303A3133357D7B506172616D23313A307D7B506172616D23323A3078323333323062306130303030303030307D3E3C5265636F726423363A20436F6D70757465723D286E756C6C293B5069643D3731363B372F342F323031362031323A333A353A3737343B5374617475733D31303036303B47656E636F6D703D31383B4465746C6F633D3331383B466C6167733D303B506172616D733D303B3E</Binary>
  </EventData>
</Event>

Log Name:      System
Source:        Microsoft-Windows-DistributedCOM
Date:          2016-07-04 14:00:35
Event ID:      10006
Task Category: None
Level:         Error
Keywords:      Classic
User:          SYSTEM
Computer:      SRV0006.domain.se
Description:
DCOM got error "2147944122" from the computer 10.10.10.31 when attempting to activate the server:
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="Microsoft-Windows-DistributedCOM" Guid="{1B562E86-B7AA-4131-BADC-B6F3A001407E}" EventSourceName="DCOM" />
    <EventID Qualifiers="0">10006</EventID>
    <Version>0</Version>
    <Level>2</Level>
    <Task>0</Task>
    <Opcode>0</Opcode>
    <Keywords>0x8080000000000000</Keywords>
    <TimeCreated SystemTime="2016-07-04T12:00:35.662383900Z" />
    <EventRecordID>1770960</EventRecordID>
    <Correlation />
    <Execution ProcessID="716" ThreadID="7260" />
    <Channel>System</Channel>
    <Computer>SRV0006.domain.se</Computer>
    <Security UserID="S-1-5-18" />
  </System>
  <EventData>
    <Data Name="param1">2147944122</Data>
    <Data Name="param2">10.10.10.31</Data>
    <Data Name="param3">{8BC3F05E-D86B-11D0-A075-00C04FB68820}</Data>
  </EventData>
</Event>

11 people had this problem
Labels:
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card