Microsoft KB Archive Search

Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation. Read full disclaimer for more details.

  1. Home
  2. The COM+ Event System service and the Shell Hardware Detection service do not start successfully on a Windows Server 2003-based computer

The COM+ Event System service and the Shell Hardware Detection service do not start successfully on a Windows Server 2003-based computer

View products that this article applies to.

Symptoms

You experience the following symptoms on a Microsoft Windows Server 2003-based computer:
  • The Microsoft COM+ Event System service does not start successfully. In this scenario, the service stops responding (hangs). Additionally, the Services Microsoft Management Console (MMC) snap-in reports a status of Starting.
  • The Shell Hardware Detection service does not start successfully. In this scenario, the service stops responding (hangs). Additionally, the Services Microsoft Management Console (MMC) snap-in reports a status of Starting.
  • Other dependent services do not start. If you click the Dependencies tab in the ServiceName Properties (Local Computer) dialog box of one of the affected services, you receive the following error message:
    Win32: RPC server is unavailable.
  • The Network Connections dialog box is blank. In this scenario, no Local Area Connection icon appears when you open the Network Connections dialog box.
  • If you open the Component Services dialog box (Dcomcnfg.exe), you experience the following symptoms:
    • When you expand Component Services and then you expand Computers, a red down arrow appears over the My Computer icon.
    • If you right-click My Computer and then you click Properties, the Enable Distributed COM on this computer check box is not selected on the Default Properties tab.

↑ Back to the top

Resolution

To troubleshoot this problem, follow these steps.

Step 1: Install the latest COM+ rollup package

Obtain the latest COM+ hotfix rollup package. For more information about how to obtain the latest COM+ hotfix rollup package, click the following article number to view the article in the Microsoft Knowledge Base:
896729 Availability of Windows Server 2003 Post-Service Pack 1 COM+ Hotfix Rollup Package 5

Step 2: Examine the "Impersonate a client after authentication" policy settings

View the Impersonate a client after authentication policy settings. In this policy, the following accounts must appear on the Local Security Setting tab:
  • SERVICE
  • IIS_ComputerName
  • NETWORK
  • Administrators
To view this policy, follow these steps:
  1. Click Start, click Run, type gpedit.msc, and then click OK.
  2. In the Group Policy Object Editor window, expand Computer Configuration, expand Windows Settings, and then expand Security Settings.
  3. Expand Local Policies, and then click User Rights Assignment.
  4. In the details pane, double-click Impersonate a client after authentication.
  5. Determine whether the appropriate accounts are listed on the Local Security Setting tab.
You can use the Resultant Set of Policy (RSoP) Microsoft Management Console (MMC) snap-in to view the effective policy settings for the Impersonate a client after authentication policy. To do this, follow these steps:
  1. Click Start, click Run, type rsop.msc, and then click OK.
  2. In the Resultant Set of Policy window, expand Computer Configuration, expand Windows Settings, and then expand Security Settings.
  3. Expand Local Policies, and then click User Rights Assignment.
  4. In the details pane, view the value in the Computer Setting column for the Impersonate a client after authentication policy.
For more information, click the following article number to view the article in the Microsoft Knowledge Base:
323276 How to install and use RSoP in Windows Server 2003

Step 3: Remove the EventSystem registry subkey

Warning Serious problems might occur if you modify the registry incorrectly by using Registry Editor or by using another method. These problems might require that you reinstall the operating system. Microsoft cannot guarantee that these problems can be solved. Modify the registry at your own risk.

Back up the following registry subkey:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\EventSystem
Remove this registry subkey, and then restart the computer.

To do this, follow these steps:
  1. Click Start, click Run, type regedit, and then click OK.
  2. Locate and then click the following registry subkey:
    HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\EventSystem
  3. On the File menu, click Export, type Exported EventSystem Key in the File name box, and then click Save.
  4. Right-click EventSystem, click Delete, and then click Yes to confirm that you want to remove this registry subkey.
  5. Restart the computer.
  6. Log on the computer.
  7. Click Start, click Run, type regsvr32.exe es.dll, and then click OK.
  8. Restart the computer.
  9. Examine the list of running services to verify that the following two services start successfully:
    • COM+ Event System
    • Shell Hardware Detection

↑ Back to the top

Keywords: KB933994, kbprb, kberrmsg, kbtshoot

↑ Back to the top

Article Info
Article ID : 933994
Revision : 3
Created on : 10/11/2007
Published on : 10/11/2007
Exists online : False
Views : 257