This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject

A new Flexera Community experience is coming on November 25th. Click here for more information.

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Can someone confirm if errors with GetGroupsFromActiveDirectory indicates an with AppPortal or AppBroker or ActiveDirectory?

Jump to solution
kevin_christens
By
Level 7

I am trying to determine why access to our AppPortal GUI appeared to be unavailable for a certain time period or if the authentication attempt issues was a result of AppPortal trying to validate software requests to SCCM.  I would guess an issue with Active Directory but want to confirm the log message is accurate. 

Error snippet below is from UserLog\ZZ_XXXXXXXX (username and domain was changed here to protect data)

Making call to get Group membership. Domain = NA; UniqueName = ZZ\XXXXXXXX Proceed 12/6/2021 3:58:58 AM 1 (0x0001)
Triggered method GetGroupsFromActiveDirectory GetGroupsFromActiveDirectory 12/6/2021 3:58:58 AM 1 (0x0001)
HasUntrustedDomains = FALSE GetGroupsFromActiveDirectory 12/6/2021 3:58:58 AM 1 (0x0001)
Error : GetPageAccessLevel failed to get Member Groups at - Retrieving the COM class factory for component with CLSID {274FAE1F-3626-11D1-A3A4-00C04FB950DC} failed due to the following error: 800703fa Illegal operation attempted on a registry key that has been marked for deletion. (Exception from HRESULT: 0x800703FA). Proceed 12/6/2021 3:58:58 AM 1 (0x0001)
Trying to get GUID for UniqueName ZZ\XXXXXXXX Proceed 12/6/2021 3:58:58 AM 1 (0x0001)
NULL GUID returned Proceed 12/6/2021 3:58:58 AM 1 (0x0001)

‎Dec 06, 2021 07:57 AM

0 Kudos
(1) Solution

Jump to solution
CharlesW
By Level 12 Flexeran
Level 12 Flexeran

I've seen this reported on occasion. It is not really directly related to either App Broker or Active Directory. Typically, you can resolve the issue permanently by changing a group policy setting on the server. If you look at the resolution section in the following article, it is mentioned that there is a group policy setting that can resolve the behavior.

A COM+ application may stop working in Windows when a user logs off 

To summarize, try setting the "Do not forcefully unload the user registry at user logoff " group policy to "enabled". The policy can be found in the group policy editor (gpedit.msc) under Computer Configuration->Administrative Templates->System-> UserProfiles

View solution in original post

‎Dec 06, 2021 08:43 AM

(2) Replies

Jump to solution
CharlesW
By Level 12 Flexeran
Level 12 Flexeran

I've seen this reported on occasion. It is not really directly related to either App Broker or Active Directory. Typically, you can resolve the issue permanently by changing a group policy setting on the server. If you look at the resolution section in the following article, it is mentioned that there is a group policy setting that can resolve the behavior.

A COM+ application may stop working in Windows when a user logs off 

To summarize, try setting the "Do not forcefully unload the user registry at user logoff " group policy to "enabled". The policy can be found in the group policy editor (gpedit.msc) under Computer Configuration->Administrative Templates->System-> UserProfiles

‎Dec 06, 2021 08:43 AM

Jump to solution
jdempsey
By Moderator Moderator
Moderator

Any time I see that message about a registry key being marked for deletion, I just reboot my server and it clears up.  Good to know there is a better solution.  Thanks, Kevin, for raising the question, and thanks, Charles, for the answer!

Anything expressed here is my own view and not necessarily that of my employer, Flexera. If my reply answers a question you have raised, please click "ACCEPT AS SOLUTION".

‎Dec 27, 2021 01:59 PM

0 Kudos
Top Kudoed Authors
View all